Submitted URL: https://waaw.to/f/lQbgDcfHP0gT
Effective URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111...
Submission: On May 15 via manual from US — Scanned from DE

Summary

This website contacted 124 IPs in 11 countries across 102 domains to perform 500 HTTP transactions. The main IP is 2606:4700:3033::ac43:8aeb, located in United States and belongs to CLOUDFLARENET, US. The main domain is eqywj.katerionews.com.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2023. Valid for: 3 months.
This is the only time eqywj.katerionews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 190.115.19.71 262254 (DDOS-GUAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
33 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 205.185.216.10 20446 (STACKPATH...)
8 34.107.214.50 396982 (GOOGLE-CL...)
6 172.67.10.198 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
13 34.117.33.6 396982 (GOOGLE-CL...)
4 45.133.44.4 39572 (ADVANCEDH...)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 52.222.208.154 16509 (AMAZON-02)
4 185.239.173.226 55081 (24SHELLS)
5 188.65.124.90 41690 (DAILYMOTI...)
1 45.133.44.3 39572 (ADVANCEDH...)
2 52.222.209.4 16509 (AMAZON-02)
12 34.250.48.151 16509 (AMAZON-02)
1 2 147.75.84.158 54825 (PACKET)
4 216.52.2.39 30282 (AS-INAPCD...)
4 2a02:2638:3::7 44788 (ASN-CRITE...)
5 51.38.120.206 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.94.180.124 35220 (SPOTX-AMS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
26 2607:f8b0:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
27 2a00:1450:400... 15169 (GOOGLE)
1 69.16.175.42 20446 (STACKPATH...)
1 2001:4860:486... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 54.211.104.237 14618 (AMAZON-AES)
3 23.21.77.250 14618 (AMAZON-AES)
2 2 198.148.27.139 19189 (PULSEPOINT)
4 44.206.122.152 14618 (AMAZON-AES)
1 4 2.16.186.16 20940 (AKAMAI-ASN1)
2 3 34.98.64.218 396982 (GOOGLE-CL...)
2 2 35.214.153.92 15169 (GOOGLE)
4 6 3.75.62.37 16509 (AMAZON-02)
7 8 213.19.147.45 3356 (LEVEL3)
11 23.35.236.201 16625 (AKAMAI-AS)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
5 10 37.252.173.215 29990 (ASN-APPNEX)
4 4 23.201.255.110 16625 (AKAMAI-AS)
2 18.194.110.75 16509 (AMAZON-02)
4 8 18.159.144.147 16509 (AMAZON-02)
10 2a02:2638:3::3 44788 (ASN-CRITE...)
16 178.79.242.16 22822 (LLNW)
5 9 2a02:2638:3::c 44788 (ASN-CRITE...)
3 162.19.138.118 16276 (OVH)
1 18.66.112.30 16509 (AMAZON-02)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 54.194.11.185 16509 (AMAZON-02)
1 7 185.86.138.154 201081 (SMARTADSE...)
2 10 185.80.39.216 27381 (CASALE-MEDIA)
4 23.56.202.187 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
2 77.245.57.72 36057 (WEBAIR-IN...)
1 54.80.185.211 14618 (AMAZON-AES)
2 2 34.250.118.165 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 69.166.1.12 27630 (AS-XFERNET)
1 1 54.235.234.56 14618 (AMAZON-AES)
2 52.59.66.197 16509 (AMAZON-02)
1 1 23.212.88.20 16625 (AKAMAI-AS)
1 162.19.138.82 16276 (OVH)
3 5 52.46.128.147 16509 (AMAZON-02)
3 52.223.40.198 16509 (AMAZON-02)
5 8 142.250.186.98 15169 (GOOGLE)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
2 3 64.74.236.159 19024 (INTERNAP-...)
1 3 178.250.7.11 44788 (ASN-CRITE...)
1 15 34.247.205.196 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
1 1 54.205.93.130 14618 (AMAZON-AES)
1 1 2.23.197.190 16625 (AKAMAI-AS)
3 5 70.42.32.95 22075 (AS-OUTBRAIN)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 54.225.103.173 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
2 3 176.34.128.152 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 8.2.111.13 46636 (NATCOWEB)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 2 151.101.66.49 54113 (FASTLY)
1 1 124.146.215.49 2514 (INFOSPHER...)
1 80.77.87.162 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 8.43.72.98 26667 (RUBICONPR...)
3 188.65.124.59 41690 (DAILYMOTI...)
3 7 69.173.144.138 26667 (RUBICONPR...)
2 3 54.239.33.158 16509 (AMAZON-02)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
4 185.64.189.221 62713 (AS-PUBMATIC)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 188.65.124.91 41690 (DAILYMOTI...)
1 35.186.253.211 15169 (GOOGLE)
2 37.157.3.28 198622 (ADFORM)
1 188.65.124.66 41690 (DAILYMOTI...)
1 2a00:1450:400... 15169 (GOOGLE)
2 188.65.126.210 41690 (DAILYMOTI...)
2 2606:4700:e4:... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
1 3 2a02:6b8::1:119 208722 (GLOBAL_DC)
2 178.250.7.13 44788 (ASN-CRITE...)
1 23.35.236.188 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a02:2638:d::7 44788 (ASN-CRITE...)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
1 178.250.1.9 44788 (ASN-CRITE...)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
2 2 52.30.242.179 16509 (AMAZON-02)
1 1 51.255.68.171 16276 (OVH)
1 2 141.226.228.48 200478 (TABOOLA-AS)
1 95.101.148.20 16625 (AKAMAI-AS)
1 104.102.35.84 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 185.255.84.152 200271 (IGUANE-)
1 2 52.49.215.81 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 52.57.167.241 16509 (AMAZON-02)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.215.16.120 16625 (AKAMAI-AS)
1 54.76.13.171 16509 (AMAZON-02)
1 3.248.4.155 16509 (AMAZON-02)
1 3.138.71.54 ()
500 124
Apex Domain
Subdomains
Transfer
41 doubleclick.net
pubads.g.doubleclick.net — Cisco Umbrella Rank: 425
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
213 KB
38 googlesyndication.com
a1fb36eb5e79c4c336a78c85999d0db3.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
309 KB
33 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
270 KB
33 katerionews.com
eqywj.katerionews.com
katerionews.com — Cisco Umbrella Rank: 567896
415 KB
32 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
ajax.googleapis.com — Cisco Umbrella Rank: 385
imasdk.googleapis.com — Cisco Umbrella Rank: 468
5 MB
26 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 733
gum.criteo.com — Cisco Umbrella Rank: 429
dis.criteo.com — Cisco Umbrella Rank: 674
mug.criteo.com — Cisco Umbrella Rank: 2429
ssp-sync.criteo.com — Cisco Umbrella Rank: 1062
ads.eu.criteo.com — Cisco Umbrella Rank: 8901
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10844
widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 20950
43 KB
23 waaw.to
waaw.to — Cisco Umbrella Rank: 111195
208 KB
22 rubiconproject.com
video-ads.rubiconproject.com — Cisco Umbrella Rank: 7710
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 5214
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1111
eus.rubiconproject.com — Cisco Umbrella Rank: 589
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1113
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
token.rubiconproject.com — Cisco Umbrella Rank: 600
28 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
s.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1052
136 KB
17 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 514
vpaid.pubmatic.com — Cisco Umbrella Rank: 4784
image6.pubmatic.com — Cisco Umbrella Rank: 746
st.pubmatic.com — Cisco Umbrella Rank: 1141
simage2.pubmatic.com — Cisco Umbrella Rank: 707
153 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1630
usersync.gumgum.com — Cisco Umbrella Rank: 1933
5 KB
16 dmcdn.net
static1.dmcdn.net — Cisco Umbrella Rank: 8202
vendorlist.dmcdn.net — Cisco Umbrella Rank: 12982
575 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2251
public.servenobid.com — Cisco Umbrella Rank: 3980
8 KB
13 track-selectmedia.com
track-selectmedia.com — Cisco Umbrella Rank: 35238
616 B
11 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
csm.eu.criteo.net — Cisco Umbrella Rank: 8920
188 KB
11 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 440
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com — Cisco Umbrella Rank: 611
663 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
dsum.casalemedia.com — Cisco Umbrella Rank: 1344
r.casalemedia.com — Cisco Umbrella Rank: 1403
8 KB
10 aniview.com
vast.aniview.com — Cisco Umbrella Rank: 6463
player.aniview.com — Cisco Umbrella Rank: 2220
gov.aniview.com — Cisco Umbrella Rank: 5322
track1.aniview.com — Cisco Umbrella Rank: 2203
sync.aniview.com — Cisco Umbrella Rank: 2263
131 KB
9 dailymotion.com
geo.dailymotion.com — Cisco Umbrella Rank: 7721
www.dailymotion.com — Cisco Umbrella Rank: 8623
speedtest.dailymotion.com — Cisco Umbrella Rank: 9609
dmxleo.dailymotion.com — Cisco Umbrella Rank: 8474
proxy-045.dc3.dailymotion.com — Cisco Umbrella Rank: 431630
200 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
2 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
2 KB
8 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 77852
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 86457
127 KB
7 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 776
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
2 KB
7 serv-selectmedia.com
serv-selectmedia.com — Cisco Umbrella Rank: 36864
318 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
3 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
3 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 639
ce.lijit.com — Cisco Umbrella Rank: 926
2 KB
6 smilewanted.com
tags.smilewanted.com — Cisco Umbrella Rank: 245646
prebid.smilewanted.com — Cisco Umbrella Rank: 6274 Failed
tags-videos.smilewanted.com — Cisco Umbrella Rank: 301436
19 KB
6 unpkg.com
unpkg.com — Cisco Umbrella Rank: 930
103 KB
5 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 765
1 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 798
737 B
4 openx.net
u.openx.net — Cisco Umbrella Rank: 683
us-u.openx.net — Cisco Umbrella Rank: 472
rtb.openx.net — Cisco Umbrella Rank: 1307
1 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 580
2 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 7680
940 B
4 testingmetriksbre.ru
testingmetriksbre.ru — Cisco Umbrella Rank: 93506
4 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3374
2 KB
3 dm-event.net
pebed.dm-event.net — Cisco Umbrella Rank: 8989
1 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 681
1 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 562
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
793 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 444
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
130 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 220
2 KB
2 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 991
sync-t1.taboola.com — Cisco Umbrella Rank: 1306
328 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 559
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1651
24 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
89 KB
2 videocdnmetrika.com
videocdnmetrika.com — Cisco Umbrella Rank: 69545
2 KB
2 adform.net
cm.adform.net — Cisco Umbrella Rank: 1268
268 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 527
701 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 682
649 B
2 media.net
hbx.media.net — Cisco Umbrella Rank: 1279
contextual.media.net — Cisco Umbrella Rank: 635
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 540
721 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1173
869 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
868 B
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1096
320 B
2 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2618
vpaid.vidoomy.com — Cisco Umbrella Rank: 3286
19 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1003
608 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 573
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
33 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 983
416 B
2 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 87442
16 KB
1 thebrighttag.com
s.thebrighttag.com
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 612
338 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2256
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4156
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 28656
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2413
400 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1315
885 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2701
274 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 938
235 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1959
172 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3136
563 B
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 26303
3 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
1 googlevideo.com
rr1---sn-5hneknes.googlevideo.com — Cisco Umbrella Rank: 50755
2 MB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
648 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1076
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1080
700 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
671 B
1 iqzone.com
cs.iqzone.com — Cisco Umbrella Rank: 3548
189 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1098
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1433
338 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 974
465 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 548
766 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 700
885 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1220
213 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1696
349 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 31657
269 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1065
408 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1406
276 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 984
498 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 806
729 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3235
329 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 4111
485 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1044
554 B
1 dns.google
dns.google — Cisco Umbrella Rank: 1161
527 B
1 commentsmodule.com
commentsmodule.com — Cisco Umbrella Rank: 77290
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 643
1 KB
1 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7420
5 KB
1 adipolosolutions.com
player.adipolosolutions.com — Cisco Umbrella Rank: 886022
37 KB
500 102
Domain Requested by
30 katerionews.com eqywj.katerionews.com
27 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
eqywj.katerionews.com
tpc.googlesyndication.com
www.googletagservices.com
27 imasdk.googleapis.com tags.smilewanted.com
imasdk.googleapis.com
serv-selectmedia.com
geo.dailymotion.com
eqywj.katerionews.com
static1.dmcdn.net
26 csi.gstatic.com imasdk.googleapis.com
23 waaw.to waaw.to
eqywj.katerionews.com
unpkg.com
18 pubads.g.doubleclick.net tags.smilewanted.com
imasdk.googleapis.com
eqywj.katerionews.com
15 usersync.gumgum.com 1 redirects g2.gumgum.com
15 static1.dmcdn.net geo.dailymotion.com
static1.dmcdn.net
eqywj.katerionews.com
13 track-selectmedia.com eqywj.katerionews.com
serv-selectmedia.com
12 ads.servenobid.com player.aplhb.adipolo.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
10 static.criteo.net player.aplhb.adipolo.com
static.criteo.net
ads.eu.criteo.com
acdn.adnxs.com
10 tpc.googlesyndication.com eqywj.katerionews.com
imasdk.googleapis.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
9 gum.criteo.com 5 redirects player.aplhb.adipolo.com
static.criteo.net
waaw.to
9 securepubads.g.doubleclick.net jscdn.greeter.me
securepubads.g.doubleclick.net
waaw.to
www.googletagservices.com
8 cm.g.doubleclick.net 5 redirects g2.gumgum.com
eus.rubiconproject.com
8 x.bidswitch.net 4 redirects eqywj.katerionews.com
ads.eu.criteo.com
8 c.amazon-adsystem.com player.aplhb.adipolo.com
c.amazon-adsystem.com
serv-selectmedia.com
7 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
ads.eu.criteo.com
7 secure.adnxs.com 2 redirects player.aniview.com
ads.eu.criteo.com
7 ads.pubmatic.com player.aniview.com
public.servenobid.com
g2.gumgum.com
vpaid.pubmatic.com
7 serv-selectmedia.com player.adipolosolutions.com
serv-selectmedia.com
6 sync.1rx.io 6 redirects
6 ups.analytics.yahoo.com 4 redirects player.aniview.com
ads.eu.criteo.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
eqywj.katerionews.com
6 unpkg.com waaw.to
5 sync.outbrain.com 3 redirects g2.gumgum.com
ads.eu.criteo.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
5 adservice.google.com imasdk.googleapis.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 onetag-sys.com player.aplhb.adipolo.com
player.aniview.com
public.servenobid.com
acdn.adnxs.com
5 fonts.gstatic.com fonts.googleapis.com
4 ssp-sync.criteo.com waaw.to
eqywj.katerionews.com
4 st.pubmatic.com eqywj.katerionews.com
4 token.rubiconproject.com 4 redirects
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 rtb-csync.smartadserver.com public.servenobid.com
ssbsync.smartadserver.com
ads.eu.criteo.com
4 eus.rubiconproject.com public.servenobid.com
eus.rubiconproject.com
g2.gumgum.com
4 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
4 vpaid.pubmatic.com player.aniview.com
4 ads.stickyadstv.com 1 redirects player.aniview.com
4 sync.aniview.com player.aniview.com
4 adservice.google.de imasdk.googleapis.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 testingmetriksbre.ru waaw.to
testingmetriksbre.ru
4 bidder.criteo.com player.aplhb.adipolo.com
acdn.adnxs.com
waaw.to
4 ap.lijit.com player.aplhb.adipolo.com
player.aniview.com
public.servenobid.com
acdn.adnxs.com
4 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
4 player.aplhb.adipolo.com jscdn.greeter.me
player.aplhb.adipolo.com
4 fonts.googleapis.com eqywj.katerionews.com
tags.smilewanted.com
waaw.to
3 mc.yandex.ru 1 redirects videocdnmetrika.com
eqywj.katerionews.com
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 pebed.dm-event.net geo.dailymotion.com
static1.dmcdn.net
3 ad.360yield.com 2 redirects ads.eu.criteo.com
3 dis.criteo.com 1 redirects eqywj.katerionews.com
3 b1sync.zemanta.com 2 redirects ssbsync.smartadserver.com
3 match.adsrvr.org ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
3 ib.adnxs.com 3 redirects
3 ssbsync.smartadserver.com 1 redirects public.servenobid.com
ssum-sec.casalemedia.com
3 id5-sync.com player.aplhb.adipolo.com
ads.eu.criteo.com
3 track1.aniview.com eqywj.katerionews.com
player.aniview.com
3 geo.dailymotion.com tags.smilewanted.com
geo.dailymotion.com
3 www.googletagservices.com jscdn.greeter.me
securepubads.g.doubleclick.net
3 tags.smilewanted.com eqywj.katerionews.com
tags.smilewanted.com
3 eqywj.katerionews.com waaw.to
eqywj.katerionews.com
2 dpm.demdex.net 1 redirects
2 match.prod.bidr.io 2 redirects
2 cat.nl3.eu.criteo.com eqywj.katerionews.com
ads.eu.criteo.com
2 script.4dex.io acdn.adnxs.com
script.4dex.io
2 mug.criteo.com
2 cdn.jsdelivr.net videocdnmetrika.com
acdn.adnxs.com
2 videocdnmetrika.com testingmetriksbre.ru
videocdnmetrika.com
2 proxy-045.dc3.dailymotion.com static1.dmcdn.net
2 cm.adform.net eqywj.katerionews.com
ads.eu.criteo.com
2 www.gstatic.com static1.dmcdn.net
www.gstatic.com
2 www.dailymotion.com geo.dailymotion.com
static1.dmcdn.net
2 creativecdn.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 www.google.com tpc.googlesyndication.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 us-u.openx.net 2 redirects
2 match.sharethrough.com public.servenobid.com
ads.eu.criteo.com
2 sync.targeting.unrulymedia.com 1 redirects ssbsync.smartadserver.com
2 ad.turn.com 2 redirects
2 ce.lijit.com 2 redirects
2 sync.adkernel.com public.servenobid.com
g2.gumgum.com
2 secure-assets.rubiconproject.com 2 redirects
2 optimized-by.rubiconproject.com eqywj.katerionews.com
2 video-ads.rubiconproject.com 2 redirects
2 csync.loopme.me 2 redirects
2 bh.contextweb.com 2 redirects
2 s0.2mdn.net imasdk.googleapis.com
2 prebid.a-mo.net 1 redirects player.aplhb.adipolo.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 prebid.smilewanted.com tags.smilewanted.com
2 jscdn.greeter.me eqywj.katerionews.com
1 s.thebrighttag.com
1 beacon.krxd.net
1 sync-criteo.ads.yieldmo.com ads.eu.criteo.com
1 ad.yieldlab.net ads.eu.criteo.com
1 a.twiago.com ads.eu.criteo.com
1 criteo-partners.tremorhub.com ads.eu.criteo.com
1 simage2.pubmatic.com ads.eu.criteo.com
1 exchange.mediavine.com ads.eu.criteo.com
1 matching.ivitrack.com ads.eu.criteo.com
1 r.casalemedia.com ads.eu.criteo.com
1 visitor.omnitagjs.com ads.eu.criteo.com
1 eb2.3lift.com ads.eu.criteo.com
1 criteo-sync.teads.tv ads.eu.criteo.com
1 sync-t1.taboola.com ads.eu.criteo.com
1 contextual.media.net ads.eu.criteo.com
1 sync.taboola.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 csm.eu.criteo.net ads.eu.criteo.com
1 widget.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com acdn.adnxs.com
1 wrappers.geoedge.be acdn.adnxs.com
1 acdn.adnxs.com securepubads.g.doubleclick.net
1 www.youtube.com eqywj.katerionews.com
1 dmxleo.dailymotion.com static1.dmcdn.net
1 rtb.openx.net eqywj.katerionews.com
1 speedtest.dailymotion.com static1.dmcdn.net
1 rr1---sn-5hneknes.googlevideo.com eqywj.katerionews.com
1 vpaid.vidoomy.com vid.vidoomy.com
1 vendorlist.dmcdn.net static1.dmcdn.net
1 px.ads.linkedin.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 cs.admanmedia.com g2.gumgum.com
1 tg.socdm.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cs.iqzone.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 odr.mookie1.com g2.gumgum.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 lb.eu-1-id5-sync.com player.aplhb.adipolo.com
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 p.rfihub.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 image6.pubmatic.com ads.pubmatic.com
1 public.servenobid.com player.aplhb.adipolo.com
1 vid.vidoomy.com player.aniview.com
1 u.openx.net player.aniview.com
1 gov.aniview.com player.aniview.com
1 player.aniview.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 dns.google waaw.to
1 vast.aniview.com imasdk.googleapis.com
1 commentsmodule.com waaw.to
1 search.spotxchange.com imasdk.googleapis.com
1 a1fb36eb5e79c4c336a78c85999d0db3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 player.adtelligent.com player.aplhb.adipolo.com
1 tags-videos.smilewanted.com tags.smilewanted.com
1 ajax.googleapis.com eqywj.katerionews.com
1 player.adipolosolutions.com eqywj.katerionews.com
500 161

This site contains links to these domains. Also see Links.

Domain
katerionews.com
wordpress.org
www.acmethemes.com
Subject Issuer Validity Valid
*.waaw.to
Sectigo ECC Domain Validation Secure Server CA
2023-03-26 -
2024-04-13
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
katerionews.com
GTS CA 1P5
2023-04-25 -
2023-07-24
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
greeter.me
E1
2023-04-15 -
2023-07-14
3 months crt.sh
player.adipolosolutions.com
GTS CA 1D4
2023-03-22 -
2023-06-20
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
track-selectmedia.com
GTS CA 1D4
2023-04-30 -
2023-07-29
3 months crt.sh
player.aplhb.adipolo.com
R3
2023-03-21 -
2023-06-19
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA
2023-04-06 -
2023-07-05
3 months crt.sh
www.dailymotion.com
ZeroSSL ECC Domain Secure Site CA
2023-03-25 -
2023-06-23
3 months crt.sh
player.adtelligent.com
R3
2023-03-22 -
2023-06-20
3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01
2023-04-29 -
2024-05-27
a year crt.sh
*.a-mo.net
R3
2023-04-13 -
2023-07-12
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-12 -
2023-08-10
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2023-02-28 -
2024-03-28
a year crt.sh
testingmetriksbre.ru
GTS CA 1P5
2023-04-22 -
2023-07-21
3 months crt.sh
*.google.de
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
commentsmodule.com
GTS CA 1P5
2023-04-18 -
2023-07-17
3 months crt.sh
*.aniview.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2022-07-14 -
2023-08-14
a year crt.sh
serv-selectmedia.com
GTS CA 1D4
2023-05-14 -
2023-08-12
3 months crt.sh
dns.google
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-16 -
2024-04-16
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-02-21 -
2023-08-16
6 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-01 -
2023-10-02
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-24 -
2023-06-18
3 months crt.sh
*.dmcdn.net
ZeroSSL RSA Domain Secure Site CA
2023-03-13 -
2023-06-11
3 months crt.sh
*.id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02
2023-02-21 -
2024-02-05
a year crt.sh
gumgum.com
Amazon RSA 2048 M01
2023-02-14 -
2023-10-05
8 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01
2023-05-01 -
2024-05-29
a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4
2023-01-03 -
2024-02-04
a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M01
2023-03-24 -
2024-04-21
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2022-12-06 -
2024-01-07
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-02-10 -
2023-08-12
6 months crt.sh
*.eu-1-id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-16 -
2023-09-06
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
www.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2
2023-04-05 -
2024-05-06
a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02
2023-02-08 -
2024-02-15
a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2
2023-04-20 -
2024-05-21
a year crt.sh
*.dm-event.net
ZeroSSL RSA Domain Secure Site CA
2023-04-17 -
2023-07-16
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2023-05-02 -
2023-07-11
2 months crt.sh
speedtest.dailymotion.com
ZeroSSL ECC Domain Secure Site CA
2023-04-12 -
2023-07-11
3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
dmxleo.dailymotion.com
ZeroSSL RSA Domain Secure Site CA
2023-04-27 -
2023-07-26
3 months crt.sh
*.dc3.dailymotion.com
ZeroSSL ECC Domain Secure Site CA
2023-04-13 -
2023-07-12
3 months crt.sh
*.videocdnmetrika.com
GTS CA 1P5
2023-04-04 -
2023-07-03
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-03-17 -
2023-08-27
5 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2022-10-21 -
2023-10-22
a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01
2023-02-21 -
2023-10-10
8 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2022-11-23 -
2023-11-22
a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-13 -
2023-08-10
3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-14 -
2023-06-09
3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-26 -
2023-06-29
3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
teads.tv
R3
2023-05-11 -
2023-08-09
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-21
a year crt.sh
*.360yield.com
Amazon RSA 2048 M02
2023-02-10 -
2023-07-27
6 months crt.sh
itm.ivitrack.com
R3
2023-04-04 -
2023-07-03
3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01
2023-02-11 -
2023-08-04
6 months crt.sh
*.outbrain.com
Thawte RSA CA 2018
2022-11-06 -
2023-11-28
a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01
2023-02-22 -
2024-03-23
a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-28 -
2023-12-29
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-15
a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01
2023-04-04 -
2024-05-02
a year crt.sh

This page contains 86 frames:

Primary Page: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Frame ID: 60F6B2D56B3D055A3F6B106953418C23
Requests: 124 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/gampad/adx?iu=/275831643/pixel_dar_test&sz=1x1&t=sw_domain_name%3Dkaterionews_com_27f21a7&1684132456375
Frame ID: 587C756EE3DB6A00AAE882E9F2C72611
Requests: 1 HTTP requests in this frame

Frame: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Frame ID: BA84D2C2FAB32305988ED6163D990146
Requests: 30 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.573.0_en.html
Frame ID: 6A1A92DA29309E2DB49361ACD44F41D7
Requests: 5 HTTP requests in this frame

Frame: https://a1fb36eb5e79c4c336a78c85999d0db3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E71270C1926C8DE0A978E25B6D51C105
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnliTjxBBtC8C2St6dEH6PLupo4qv0KH6RtIYPOc6pobgFgVNdCBf-EgBW-8g7fqhPZulnq91W5mCy5XPe5kmADxJuGuW-BRWMdpMFO0In-ftgBS6VxD4Kde-S-fUcD66v9bNLuRuLrRRp69si2hQcEB-dF7Z_e_qDLVBzTPJ-0IE6rdW5wd98KIjkieX-QMVTHS5J-TdVezqJrU9ry68TFLxUCk-r5oizCUposVS7QxdVdnRLo7jzqhSEs9eB1vyRpQ5zLIy6xzEGNul2_yLnm7yrc_DzohXOqPSsR7kuyGP5komWfT7WTTPU9dB-cw6oXlHVspp7nMoAB_p4VckuarJetCOjFxdXxLmSNw&sai=AMfl-YSEnrIjSIPjUnn0hIv5svq4DD08PC6m7aJUJJIAfCLQrWLv6h-FeScuOCIbbga8aF6PPUPit-1rKnEY8ox3EMtNAfhA5vFvjEGaJpPZd9X2p-GY-GQnIJ7NfwIobwA&sig=Cg0ArKJSzPOf8VM6NflfEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EE2CAF007FD15E2F7004C6E7DFA47C72
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3592985597631507&output=html&h=50&slotname=300x250&adk=2732107086&adf=816031635&pi=t.ma~as.300x250&w=320&lmt=1684132457&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684132457768&bpp=13&bdt=257&idt=207&shv=r20230510&mjsv=m202305100101&ptt=5&saldr=sa&cookie=ID%3Dec0379141404ca4e%3AT%3D1684132457%3AS%3DALNI_MYTc3wVMq43MUQY60hBRzCWMXRVBw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&correlator=5392965397098&frm=23&ife=4&pv=2&ga_vid=1290373860.1684132458&ga_sid=1684132458&ga_hid=809158557&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=393&biw=1600&bih=1200&isw=320&ish=50&ifk=3621597835&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C31074512%2C44788441%2C44789923&oid=2&pvsid=3300188462687036&uas=0&nvt=1&ref=https%3A%2F%2Fwaaw.to%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.51uj3vpmhwpm&fsb=1&dtd=222
Frame ID: 3CCD78F90CBB0C86CB6A84533857F321
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://player.aniview.com/script/6.1/AVmanager.js%3fAV_PUBLISHERID=5ef4bc022e79664d2b473869
Frame ID: 7866DC4F81A03CC7828833B9DABC4893
Requests: 21 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: F899C93456560C5B3B4F1B6FE356A37B
Requests: 18 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 75BF106DACF7D2FD75B30CD84D687EB3
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 414E514FDCEAC3E7F3F0CE2E007D7D7F
Requests: 3 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Frame ID: 94EB7333C9FA2514E4F138FA99746247
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: DBC9A40CC0959BD72E97A8AEAD6A0963
Requests: 3 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Frame ID: 04893FB10DAEEBF9D11E2CD47B33CEA0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 43B6C7BF4E27DD95514C86C3E97FF9D3
Requests: 3 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Frame ID: AFEAAA0575B79F979BABC6233CEC22A0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: C67A1C9E396A8E86E7C4F8E080A461E5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: E6290E7E02717417084484C165254385
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: C5607AB3BDB9FFE6A695C5C09CFF213F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 6A02773B8082B48684D6B38EC2593E59
Requests: 13 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 2E324EA6338E00D8F0C5F7DB7391A88B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: EE0F52B1AE8354E4DF4D4427355D2896
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 6D4CF3F5C082F3490E54270B18B497B9
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: EF403E7889A8E1B6C2716978173E2D6B
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 659D441DAD61CB143AFBCF44E3C969FC
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 7BFD81A34CE063E71D76526847A534E2
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 53E2AD44CCCD48CB6B5E15333F8FF289
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: BFD86473AF1BAC9618CD95F8C136078B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 57BC04334B959CBED5B66C949576AC38
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 7D17D73D680A7EF875819341B9AC387F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: BD103C704482CB974AF30B78D17751AE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 22908590FE0A1A05D005797F7700E78F
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=10&pid=59c9148628a0612da3689288&key=BIlsswQhRzXn&ev=1&us_privacy=1---&pid=562704
Frame ID: 521C06395EB717D7B2632E8C51DD1688
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=22d5bab3aa3a62d283f1e7656691fbf7&_fw_gdpr=1&_fw_gdpr_consent=undefined
Frame ID: 01D1D13EE9F198BD901B0AC18A9D4A79
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=undefined
Frame ID: ED8B80EF4CF7DA8C34BEF804EC832929
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=undefined&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D23%26key%3D
Frame ID: 8DFE2F81AD6B5482B590C7DFE696E058
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=56&pid=59c9148628a0612da3689288&key=d3a4721e-7984-4c0e-96f3-c849e4754319&gdpr_consent=undefined&gdpr=1
Frame ID: 14D7E70FC16C644CF747E0D187B8E390
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=undefined
Frame ID: 6E7DB9E708FB61439AB6E18DCA126E52
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=200&key=OPTOUT
Frame ID: C31163E7D15B67ECDCB7733518D856CB
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=undefined&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D18%26key%3D%24UID
Frame ID: DE7A68B6B6BA9F606A7CEFB7CCB8D8CA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=undefined&us_privacy=1---
Frame ID: 48E967A858271F643B78A2522BEBA12A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=undefined&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D1%26key%3D
Frame ID: 94FF125FFF82F66059A2E521BD8E78DA
Requests: 2 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=undefined&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Frame ID: 5C63E0D9FFE1428AB11ED2D28580CE83
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1684132456933
Frame ID: F41230A9B30B514E3F351ADEA07F4807
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 5F250D5590F5A94478768A2A44766F35
Requests: 13 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: A5641B3E8327C7217EEAA001E0F46C08
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: CE8F1ABF86FE756A52ACCAC0A05F30B3
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 42B07C2A6026DB97A241A679BA2FB30B
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 6943DE34AFACA0617872E215ECD59115
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 7A6D78096EEBFABDDCE4CB580A1BF7A8
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: A01042E94C7B074AB9732B81FE8C5AC2
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: B7662F63C8D1DDD7C854A4BC5991509B
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 673FE688CFA499ADB76FE84F544C061B
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: BF70B99CF9B763B385A840D9E0E10E55
Requests: 1 HTTP requests in this frame

Frame: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Frame ID: 48713ABE235654DBD9D5D90DA925EF6B
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F37393E4177C2B425EB35E6CF8421F0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF2B049F5760D0AD5F54B57B4188EA32
Requests: 2 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 92F72A2487745B4315BAC301765A29C5
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: 6A01D706913CF815479B91D5138AE43B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: B689DDFF48A39BF9D7064E598B09D4C6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 9973E84077458420EC2792854B790708
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=8c7c6461-d26e-4000-8ddf-5ebda9ff0433&gdpr=0&gdpr_consent=
Frame ID: 8912EA1D6013A6765B1F652911F98D85
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZGHSbQAKHGEBrQBS&gdpr=0&gdpr_consent=&_test=ZGHSbQAKHGEBrQBS
Frame ID: DA27B90FE1F029D16AED15B89F08B091
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yNWU4YjM3Zi01OWIwLTQzOTAtYWY3Ni03Y2I3Y2JjODVkYjg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 7537F71B7C730B7C03CC0E64D9D6C7C6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZGHSbcCo8YQAABwDFE4AAAAA
Frame ID: 5E074639F87C99327E13921C71F24364
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 59BBD929CFF10E7937F3EE30DBBBDFC5
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158810&siteId=0&adId=2934480&vadFmt=3&vapi=2&vminl=1&vmaxl=120&vh=365&vw=650&placement=1&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=undefined&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&us_privacy=&kadpageurl=eqywj.katerionews.com&cbb=4132459097
Frame ID: A8F7F5A7BF76C4D06F1F24B0C0284AC1
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 13086CC892CD4CAB5EF5A46B35BAE6AB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=CAlwCvVEjpTy5orMAo2m&pi=gumgum&tc=1
Frame ID: 6A09907FD448517D1262A40B2B21F963
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: AA8A6F22959DC6DA442505B274E0A24D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 28E3827B9DCCDC2388C209C00F2C4B76
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BB6AE57BE1B6FD85B0C5C009DFE4E65A
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158810&siteId=0&adId=2934480&vadFmt=3&vapi=2&vminl=1&vmaxl=120&vh=365&vw=650&placement=1&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=undefined&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&us_privacy=&kadpageurl=eqywj.katerionews.com&cbb=4132461526
Frame ID: 4D74ACB6D00D031A58BEED35837AFA39
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B21738608F9C85306B9AA21F5A4FD2C8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 7AA6AAEF47A270D96782064CFDAAA6BB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 81831FC379505D903AFB4F8602CADEE8
Requests: 3 HTTP requests in this frame

Frame: https://videocdnmetrika.com/f.php?sid=212040&rand=62541577
Frame ID: FDA903D2E03CBAA3778EEE20D049A40F
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eqywj.katerionews.com
Frame ID: BE0217FD3EDE47482FF649895C483C87
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E66EF1165004F9E6226E7332976587CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF023C9B3B6A95DA29CFCB93BED63B3A
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6yEDUUBFmHDdSuJBcr2cRhEC6vj2LGUV_v_b8rKX3JlFTitYl9gf1RmEvUpSzi9Bmdf6WZqN_72wBjoctdK5Y5GVksipM_si4xT12KFJYEqnt9zdnJbsbGxcrXubfaHX24xFyCSgAkMDDt7_chwXGQ6lCrj8_PkE61nbpR321l1JlYSuSVWk3AdnwDz9u0gMNaHizFJbIkogqM_-cRM1dORXIoGy2fNUSFflofx6aCsy02iePv2zAn9p6AdjwIGabCjFwpamoidSt0ESWeQ9syFGnhRRg0GRfEQNcHzExpYKWEqImmErITafREGIjNQmk7Q6J0InMCfwmFw5P55lZA7zGKFemmBjyPnEW_YY&sai=AMfl-YR79YFe8tDsog-UZFhPRfO_-4P0ewX3pYeQf1Ofw1zKI8gaWLqpewlWkHI-98k5q_KVGhX6KHCX99oW5DRFNeWz5vILPgnpOFHqaOK2ExBdBgcoT7rXeTKSWsCoq7M&sig=Cg0ArKJSzEp6TzPOxd3xEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A89DF31650DAA2ABB1F21CEA02B9BEAD
Requests: 18 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eqywj.katerionews.com
Frame ID: 89178160B65D1BA3A771433B455B1979
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Frame ID: 475A4ECA5311FD9B3B5EB054567FC3BD
Requests: 10 HTTP requests in this frame

Frame: https://cat.nl3.eu.criteo.com/tpd?dd=i14kCl9aNVVNbnF4VG9zRFI4JTJGYm9jSGRYU0pybWJRbmg0eUtybmdDMSUyRnF1NjZxZXVuNnJzMVklMkZVdUdGaFlzcVc1SnJsUyUyRjMyZnRpVFhtcXpsdW9QU2d0R3RjN1FvbXVabVlaaXZ4TTBGOEdDQ0FkeEVXenpuQSUyQnpzM3ZtUXhrWERXSUsyaVltTVFGcDRDd1duWnBlZ0VTU0ZXR0o1dHBYU1BGenBuaVNIZllKek44YVdHZmNscmNuaEQzQllJeSUyRkxTRFBid0hhMlExb3lnalIwSk11bUlsTzZxdzN4Q1ZKR3VWUWRMeDBBUTVqa2NVZmhkTk83QThMM1MyTFFXYXp2MDRjdFNTbXJ6RWw2UHB4TUIyUlZHQjVJaVcwOUNOYjhUbkJobWYlMkJTU2pqRk9VOTZWQTVYUDZUY0lOUWZtdlFiZ0kwZ0I4eVFUakppcEt3ZExWMHJaNmxMMkQ1RUxDJTJCY3hOV1p2cEc2SDcwVG1jcTh2Q3Z5aVVHOFhTakF1enMlMkZOVmQlMkY0bFpndXFZJTJGRFBwZ25UVkdmNTNlalglMkZFeTZESjNtOUc3NkZMOSUyRnBaWkElM0Q
Frame ID: 741E7CCC492CAACEE3B848CE50CDD7A3
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=198666&cb=6461d2718edf655af10fb14c688900a2&r=https%3a%2f%2feqywj.katerionews.com%2f&crossorigin=false
Frame ID: 945ECE2FBBDFD50AA785CA9EF2708D57
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-sQJZfixjaKR31hxSLgOEzwjOCcbUY0HtRHu5Tw&expires=30
Frame ID: 291C21374AC62620642B529A50019A2F
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

Katerio News – Latest breaking news

Page URL History Show full URLs

  1. https://waaw.to/f/lQbgDcfHP0gT Page URL
  2. https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaU... Page URL
  3. https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f4508897... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

500
Requests

89 %
HTTPS

31 %
IPv6

102
Domains

161
Subdomains

124
IPs

11
Countries

11695 kB
Transfer

31557 kB
Size

116
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://waaw.to/f/lQbgDcfHP0gT Page URL
  2. https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D Page URL
  3. https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 153
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=10&pid=59c9148628a0612da3689288&key=BIlsswQhRzXn&ev=1&us_privacy=1---&pid=562704
Request Chain 154
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=undefined HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=22d5bab3aa3a62d283f1e7656691fbf7&_fw_gdpr=1&_fw_gdpr_consent=undefined
Request Chain 157
  • https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=undefined&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=56&pid=59c9148628a0612da3689288&key=d3a4721e-7984-4c0e-96f3-c849e4754319&gdpr_consent=undefined&gdpr=1
Request Chain 159
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=undefined&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=200&key=OPTOUT
Request Chain 165
  • https://video-ads.rubiconproject.com/video/19814/243946/1858894/201/vast.xml?tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=undefined HTTP 307
  • https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=19814&site_id=243946&zone_id=1858894&size_id=201&tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=65693738.714649
Request Chain 202
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 203
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 208
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7062505060153592632
Request Chain 209
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=GpfKARZHWOPaTxP6RkGCnPoY
Request Chain 211
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1684132460880 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=396011368 HTTP 302
  • https://sync.1rx.io/usersync/turn/8201070212447686353?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003
Request Chain 212
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5124322326444370326
Request Chain 214
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=ba596a21-f2cf-4506-b936-f44005f70ce3&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 215
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-CPALOV9E2uHOmrppWzfXortDSn3pxreeBpDNYhs-~A
Request Chain 216
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-51b3b8b4-c9e4-3476-94aa-9949837be7a5
Request Chain 217
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-CPALOV9E2uHOmrppWzfXortDSn3pxreeBpDNYhs-~A
Request Chain 219
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 226
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGHSbN7sFlbIJxRK63vT8QAAFD8AAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGHSbN7sFlbIJxRK63vT8QAAFD8AAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGHSbN7sFlbIJxRK63vT8QAAFD8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPX7sRWEFWPIxGygEVr3LLI&google_cver=1
Request Chain 229
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGHSbN7sFlbIJxRK63vT8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI8cd6sAp7oHLIEpX6JSn7s&google_cver=1
Request Chain 230
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a7a49c74-3d0a-4d5a-8aaa-26bb9d9ced15
Request Chain 232
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d3a4721e-7984-4c0e-96f3-c849e4754319&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 233
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=38a5f184-94f7-c6b8-2393bdea
Request Chain 252
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=628847490 HTTP 302
  • https://sync.1rx.io/usersync/turn/8201070212447686353?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003
Request Chain 254
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7062505060153592632&gdpr=0&gdpr_consent=
Request Chain 255
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f284b9b8-f563-48be-83f6-e03a83c2b56a&gdpr=0&gdpr_consent=
Request Chain 256
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7062505060153592632
Request Chain 257
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e5064afa-f659-44cc-9f43-67174998427f&ssp=gumgum2&gdpr=0&gdpr_consent=
Request Chain 258
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9b39b16f-72b6-5a09-7ee3-43059088ebc4$ip$185.213.155.146
Request Chain 259
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=SuLxhhGJAjRzb0rmI-7i&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2U3VJR4GQ2CHJJAWUUT2MIYHE3KJFU3WSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2U3VJR4GQ2CHJJAWUUT2MIYHE3KJFU3WSJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SuLxhhGJAjRzb0rmI-7i&us_privacy=1---
Request Chain 260
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=V3FeiccmDZhM&ev=1&pid=558355
Request Chain 261
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&obuid=ENC(PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7062505060153592632&obUid=PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 262
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=6d7915d7-afbb-4ad5-8e64-c8461f95a9f9
Request Chain 263
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-04_F8HJE2peM6TpX0ux.WtGPhHd_vWRq.Ys4~A
Request Chain 264
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=1fe4df1f-79e7-424d-843e-a98874fd718b
Request Chain 265
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 267
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=60214c66-21ed-45a3-a225-dbd78e0721fd
Request Chain 268
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1350542721399933549
Request Chain 278
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=8c7c6461-d26e-4000-8ddf-5ebda9ff0433&gdpr=0&gdpr_consent=
Request Chain 279
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZGHSbQAKHGEBrQBS HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZGHSbQAKHGEBrQBS&gdpr=0&gdpr_consent=&_test=ZGHSbQAKHGEBrQBS
Request Chain 281
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZGHSbcCo8YQAABwDFE4AAAAA
Request Chain 288
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=CAlwCvVEjpTy5orMAo2m&pi=gumgum&tc=1
Request Chain 289
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 316
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=gSSH3gcvSVyiYg7KdndoKA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gSSH3gcvSVyiYg7KdndoKA
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECVEfFn968Hh7Sz39UT-qlQ&google_cver=1
Request Chain 319
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XqJuXoo4TC2lhqGeY30jzQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XqJuXoo4TC2lhqGeY30jzQ
Request Chain 320
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/l0dTPyFY7L7GRyuaaAbYbQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OASIXZ9E2oJmlmBWe02GwCeipqNBsKA_LdniMQ--~A
Request Chain 321
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHOGZFF0-6-K7O6
Request Chain 322
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhPR1pGRjAtNi1LN082 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBpLbRHSSG96QWCcMZ93NYY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhPR1pGRjAtNi1LN082&google_push=
Request Chain 323
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzVlNGQ3MDIzZTg0OTE5N2RhNjk3YjdhNjU2YzYxZTdlNGMyOWM3ZQ
Request Chain 343
  • https://video-ads.rubiconproject.com/video/19814/243946/1858894/201/vast.xml?tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=undefined HTTP 307
  • https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=19814&site_id=243946&zone_id=1858894&size_id=201&tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=65693738.714649
Request Chain 420
  • https://mc.yandex.ru/watch/90175160?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D62541577&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A135783218577%3Ahid%3A236826711%3Az%3A0%3Ai%3A20230515063422%3Aet%3A1684132463%3Ac%3A1%3Arn%3A786198912%3Arqn%3A1%3Au%3A168413246333813388%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A15%2C18%2C62%2C1%2C0%2C0%2C%2C24%2C0%2C%2C%2C%2C121%3Aco%3A0%3Acpf%3A1%3Ans%3A1684132462438%3Arqnl%3A1%3Ast%3A1684132463%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D62541577&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A135783218577%3Ahid%3A236826711%3Az%3A0%3Ai%3A20230515063422%3Aet%3A1684132463%3Ac%3A1%3Arn%3A786198912%3Arqn%3A1%3Au%3A168413246333813388%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A15%2C18%2C62%2C1%2C0%2C0%2C%2C24%2C0%2C%2C%2C%2C121%3Aco%3A0%3Acpf%3A1%3Ans%3A1684132462438%3Arqnl%3A1%3Ast%3A1684132463%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 424
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=katerionews.com&sn=ChromeSyncframe&so=0&topUrl=eqywj.katerionews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=y61QfHwvenQzOXE1WUc5YzArOUd5R3h5TCtjdTZ1QUhaVGwrZEpXMEs5TlYzVmxoL3oyNHExL1QwaGNvWVl4NmhDWjlvZm1Rc21JRUlVaytnM3NDQ1poT0o3d0VYMGRYWGN0TVNaaDViUWZWeHhXdjlJY3AxMmRZbDRYRVJmWFlFT2E2UG9XVzFVWEYwVXZEdVVSSHlzcnBBL0loUytyQ1VLRE9SekhUWTR1Y3h5M1dQOWVpTEMxZW1uWEFsRXNUaEszc2Z3NXBOTnp2Q3J3Z1Y4aTBCVmM1Y3F6cGJLamFxTnptS0lxaHFORXF4N3ZlcERqNnUwM2JnalV4eDE1QUpNa1FMeko0ZGdScjdFV0kzNnppWlcxM2lWdz09fA&cppv=2
Request Chain 449
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=katerionews.com&sn=ChromeSyncframe&so=3&topUrl=eqywj.katerionews.com&bundle=44uHDF9DSjNnZSUyQjYzR0x5T2dkTVYyU3FEVWtYd1VhS0dBRFYwWSUyRnklMkZmY21OTWNHeFR1d3RIdkhqUmNSdGJQJTJCVDRGSHVEZlJYWSUyQlVRSUpFSER5RXU1THBrMFhDdUdJNnZXZFRvQVpiT3pZOGdVMUt1TGpxS0JlNCUyRlBOJTJCTjZWbHlkTTFoaEVLZyUyQk91QUZUUjdveWVQSzlla3FRJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=PyGJSHxTTHZNMTF4OVlDeUZyQVhDR1FpS0tUVjI2TnJjZDZIampJSkh4M0tvUHZGdUh6b0pXYzMyRVA3WTJ3bjdydCtDR2E5MTNiY3NmU0NvZFREY0c1OGE3WTdDajlYYzJKbzZyZ1hMOGhFOEJ0b0FYbWRCcWxUNFFWMEFmT2hlQlQyWTNpUHJTeFVpMXhpanFrUDQ1Y2UwMExacHJReER1ak43UC9HVVJObDVMNy9sWHFSb0h2ZVRuaERZaW1RdVlOVndyNFpQMlRpU2Ftbi8va3lkNWFKZnNtQTMxNHNYQ0N6aHlkdE9jc3grLzZPeWsrK2pUbTBuemJBcHB6ZDg2TVJOUThVVlM5bGRxTVpxWnRNa2RJa29tV1lJWU5UT1dNSXBLV0VLajhjeitVWT18&cppv=2
Request Chain 466
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dZkfRMl96cUJzSVByUkYydEFQUngzZ090Ym02R2l3bWFQeUpDTkJJYTZYdUpRR0M4JTNE%26u%3d%24%7bUSER_ID%7d&gdpr=&consent=&us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3DZkfRMl96cUJzSVByUkYydEFQUngzZ090Ym02R2l3bWFQeUpDTkJJYTZYdUpRR0M4JTNE%26u%3D%24%7BUSER_ID%7D&gdpr=&consent=&us_privacy=&_bee_ppp=1 HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=ZkfRMl96cUJzSVByUkYydEFQUngzZ090Ym02R2l3bWFQeUpDTkJJYTZYdUpRR0M4JTNE&u=AAD_GE7Iw6UAACAnIEAm2Q
Request Chain 467
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=nErFZ19WajllRENNNXJLdnJQRDQ1cjdKJTJCWjNjd2NRblhaSHhXcEEyUHo5blk5b0klM0Q&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-sQJZfixjaKR31hxSLgOEzwjOCcbUY0HtRHu5Tw HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=criteo&bsw_custom_parameter=e5064afa-f659-44cc-9f43-67174998427f&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=06b33fa9-49c5-4eed-9bf5-e2e39b957b79&expires=1&user_group=5&ssp=criteo&bsw_param=e5064afa-f659-44cc-9f43-67174998427f&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=nErFZ19WajllRENNNXJLdnJQRDQ1cjdKJTJCWjNjd2NRblhaSHhXcEEyUHo5blk5b0klM0Q&u=e5064afa-f659-44cc-9f43-67174998427f
Request Chain 468
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dM5yKcl9vWVUlMkI2JTJCRVphSFZTQWZxTWklMkZHeHhtYXB2SmVtYjY1bmg4eVpodzZqYmpvJTNE%26u%3d%3cTUID%3e&gdpr=&consent=&ccpa= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=M5yKcl9vWVUlMkI2JTJCRVphSFZTQWZxTWklMkZHeHhtYXB2SmVtYjY1bmg4eVpodzZqYmpvJTNE&u=3ec48869-a3f4-41cb-9c0b-381a0880f266-tuctb5b57f1
Request Chain 471
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-m4VIrixjaKR31hxSLgOEzwjOCcZeA9e81Do1YQ&google_cm&google_hm=ay1tNFZJcml4amFLUjMxaHhTTGdPRXp3ak9DY1plQTllODFEbzFZUQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-m4VIrixjaKR31hxSLgOEzwjOCcZeA9e81Do1YQ&google_gid=CAESEJC8iZFKP8FbCZiWiEsgGww&google_cver=1&google_ula=913071,0
Request Chain 472
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7062505060153592632
Request Chain 485
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nxlCssJyZLBoR4ixkEX4zKbMzTGW77b9 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nxlCssJyZLBoR4ixkEX4zKbMzTGW77b9
Request Chain 497
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tTIqTmfV7jJ8WylCo5vJFCkJ2O9wVA7a
Request Chain 498
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Oiy-4gLMC1AVNs8R1HX7aIW6FriYQVv7

500 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
lQbgDcfHP0gT
waaw.to/f/
14 KB
5 KB
Document
General
Full URL
https://waaw.to/f/lQbgDcfHP0gT
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, stale-if-error=30, max-age=30
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 06:34:15 GMT
expires
Mon, 15 May 2023 06:35:15 GMT
server
Google Frontend
vary
Accept-Encoding
x-cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-cache-status-inferno
MISS
x-content-type-options
nosniff
x-inferno-limit-req
PASSED
x-inferno-location
player
x-origin-location
player
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection
1; mode=block;
watch_video.php
waaw.to/
14 KB
5 KB
Document
General
Full URL
https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
Requested by
Host: waaw.to
URL: https://waaw.to/f/lQbgDcfHP0gT
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
9cee03cab156eb46062ee87ba8cc14f0e04d34c86bc40474c93cca78ab05085a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://waaw.to/f/lQbgDcfHP0gT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, stale-if-error=30, max-age=30
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 06:34:15 GMT
expires
Mon, 15 May 2023 06:35:15 GMT
server
Google Frontend
vary
Accept-Encoding
x-cache-status-inferno
MISS
x-content-type-options
nosniff
x-inferno-limit-req
PASSED
x-inferno-location
player
x-origin-location
player
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection
1; mode=block;
main.css
waaw.to/styles/cbv2new/theme/
82 KB
21 KB
Stylesheet
General
Full URL
https://waaw.to/styles/cbv2new/theme/main.css?232
Requested by
Host: waaw.to
URL: https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
1f8696a278ea0b75f3f71619645651d9af13ac3959f18f888464f3b805534ba4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:15 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Sat, 26 Mar 2022 09:09:58 GMT
server
Google Frontend
etag
W/"623ed866-148e9"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
jquery-eu-cookie-law-popup.css
waaw.to/styles/global/
2 KB
1006 B
Stylesheet
General
Full URL
https://waaw.to/styles/global/jquery-eu-cookie-law-popup.css
Requested by
Host: waaw.to
URL: https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
2581ed2d4bc43877fbd2f16ea5da6db6a3e798f40f79facf61d93d9ced68fb19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:15 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Sat, 11 Mar 2017 18:53:53 GMT
server
Google Frontend
etag
W/"58c447c1-79f"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
view_channel.css
waaw.to/styles/cbv2new/theme/
2 KB
1 KB
Stylesheet
General
Full URL
https://waaw.to/styles/cbv2new/theme/view_channel.css
Requested by
Host: waaw.to
URL: https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
17997f1a091040fd4917dc1acffc708b66ac2caede39a2619b03d5cab4801166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:15 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Tue, 19 Feb 2013 18:42:58 GMT
server
Google Frontend
etag
W/"5123c7b2-93b"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
rating.css
waaw.to/styles/cbv2new/theme/
4 KB
2 KB
Stylesheet
General
Full URL
https://waaw.to/styles/cbv2new/theme/rating.css
Requested by
Host: waaw.to
URL: https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
b7e64e5f08381aeefcf26852adc8e4212a37783f7161b0f9e229d7a46ccfd75c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:15 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Sat, 07 Sep 2013 15:43:21 GMT
server
Google Frontend
etag
W/"522b4999-fbe"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
jquery.min.js
unpkg.com/jquery@2.2.4/dist/
84 KB
31 KB
Script
General
Full URL
https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Requested by
Host: waaw.to
URL: https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://waaw.to/
Origin
https://waaw.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8909516
last-modified
Fri, 20 May 2016 17:24:42 GMT
fly-request-id
01GR5H2Y819A0SKJQ1MNKQXVV8-fra
server
cloudflare
etag
W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c795aa9e80f3a9e-FRA
Primary Request /
eqywj.katerionews.com/hot-news/
71 KB
11 KB
Document
General
Full URL
https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Requested by
Host: waaw.to
URL: https://waaw.to/watch_video.php?v=Tkh2MFRYTlFvMHhCN091R0JRNFZIUVJnVlhtT0w0MzBsYjdqWXQvQ2doaUNaZ3Z1YTdDblljUWJTMVRnQzVjaw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca967a334cf8ed383014265fb71072c274c27e42caafceb3da90477ba1a4a7f

Request headers

Referer
https://waaw.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7c795aaa6e9c5c7a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 06:34:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahjbQH7od1OGqJjerLSyT9lOkDGRt1MKSj1uha9rcptcgzQsrCI9NRs0lkPXxUmyQgx78tsu%2FPQEgkLxsiAFQCFo0IxE8%2BLYVK9qh7QHO7bys9ijDZukhDc9ENVZom5LCMr%2FUgMlV97t79HIJ61b3V22qYM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.min.css
katerionews.com/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://katerionews.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:41:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"644acfea-17ced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMWONwMFi5fmHKx5P4KtkV2GyPGgPbyOJBxTzXkWnTsBm%2F2uhBZzUqO7fTB9mjttu%2BH8V5UiiesTYCCzO%2Bdz%2FWsYiIMMyUsBF3nusAmxpfswepYkAVbFVi01oSF5RoU00gNYCH31hyGE0nxIHjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7c795aab6f6e5c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
classic-themes.min.css
katerionews.com/wp-includes/css/
291 B
481 B
Stylesheet
General
Full URL
https://katerionews.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:41:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"644acfea-123"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fch%2FYdvO28JUVNWGngbZiIwH1h4L1h2PneBHNUki6tVNWvuMU1HTFSCDpg9P35N5nUwwUbIp%2Br9uaU69qMKje6TLgJcKI4s3QaeuD4jJdDVOMA72mkEkZJ9cN5mtdsIO%2BcDoa7mNdwDPYGHnM2s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7c795aab6f695c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
wpautoterms.css
katerionews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/
547 B
518 B
Stylesheet
General
Full URL
https://katerionews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=6.1.1
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Jan 2023 11:35:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"63c92b0f-223"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvFwZYHZ%2F5QvJ6KezVM%2F1WOxUYyUNsZLppsy2%2FHpPFRmVANPcoanrf5pLv65Jnhupl09Ljt8YYAc92hJ9mGyar%2BTMobaW%2BtHVMj6Ap1QZPBaHVqjrh%2B49AqU%2BK9S050m%2BzXwTjWtImQP%2BFNYSv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7c795aab6f6c5c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
styles.css
katerionews.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://katerionews.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103396
etag
W/"644acfcd-b2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crw%2Bbsqwj018RLJCeHZd78q15oePuJvlNzivLQon539uzHWwXIKwgOn%2FoTvqfQrE0l%2B6caRnid%2FHRGuldKQmRekdbP%2F7vYIFqy%2FLTUPB2%2BN0tJ430WYQd2qqfyQjEJBZwJl9SrlTM9lw2akTCJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7c795aab6f705c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:04:20 GMT
style-frontend-pro.1.20.2.css
katerionews.com/wp-content/plugins/social-pug/assets/dist/
0
313 B
Stylesheet
General
Full URL
https://katerionews.com/wp-content/plugins/social-pug/assets/dist/style-frontend-pro.1.20.2.css?ver=1.20.2
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1103326
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
last-modified
Tue, 21 Mar 2023 20:25:18 GMT
server
cloudflare
etag
"641a12ae-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Di9uqg8fH4NcvbmJNMXJK8Agf%2BHdRqneEQ%2FKJQtb6kGnFKCQwfq85X64fi1lsf%2BBOLsAVpPO2mxLTlok4dqZhRnEbH8MZcTsbdU9%2B5hrJLhve%2BuZUvwhKkb9m2JyL%2F93RXx3hUZVNzXNChrknno%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c795aab6f6f5c7a-FRA
expires
Thu, 01 Jun 2023 12:05:30 GMT
jquery.bxslider.min.css
katerionews.com/wp-content/themes/supermag/assets/library/bxslider/css/
2 KB
952 B
Stylesheet
General
Full URL
https://katerionews.com/wp-content/themes/supermag/assets/library/bxslider/css/jquery.bxslider.min.css?ver=4.2.5
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
392d77cffdff39dc3f1a1b0f8f75dc53a84b0329bdb9d43908ead698ed004e9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Feb 2022 11:34:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"61fe60e2-8a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03o8vVBlgLfX6QNltH52Q6sYI%2F%2FCRkgfQvMvH5BFR4IpwM7Ezi8yGWAlVbl2PyVOmv0ra28MB7PkkNtSGjcmXRfuGkNJkGdKzgv2QXdpD5EvFKPaVxNS2az33NQfvYKWLDE38herGe1oaZRz89Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7c795aab6f6a5c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A600%2C400%7CRoboto%3A300italic%2C400%2C500%2C700&ver=1.0.1
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20b608e9acc2503aa48a61182c4ccac4b95be292e5df01776dc1b61012e30c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 06:01:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 06:34:16 GMT
font-awesome.min.css
eqywj.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://eqywj.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Feb 2022 11:34:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
105938
etag
W/"61fe60e2-791c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neVJO6UmJiEQma%2B5mu%2B27cBlfgjf2gpDVD8ZdLkqWz%2FXP8rCDjsSmYGhpdIva4jujfd4tyt7KAj1xfVz8MvLsQCSyb0SgXlejwlRnY4ZjbHHNzTxBu7WOtMy%2BuR33xUsfI%2B3eNlxBCQLaKP%2F37%2FZkaCXez0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7c795aab5f625c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Jun 2023 01:08:38 GMT
style.css
katerionews.com/wp-content/themes/supermag/
48 KB
11 KB
Stylesheet
General
Full URL
https://katerionews.com/wp-content/themes/supermag/style.css?ver=1.4.9
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ffcaf1952587ab361109eaa43bfc5d1cb964cc5f639f5487eef6101daafaff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Feb 2022 11:34:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"61fe60e2-c043"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e2RenipF1m50cCsozlSvbSfPUV6IQ3CfY49zRqSeZP2gtoS8il7J3%2BTrAhudHpk0nxdPeKjXtd5pLmLuxa5rTmPOIH2gL44TDYx9dwHTetXPeZieRFBeeZs9aPpnNAbd35d4wZD7kVxl%2BkuMVg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7c795aab6f6b5c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
gutenberg-front.css
katerionews.com/wp-content/themes/supermag/acmethemes/gutenberg/
1 KB
697 B
Stylesheet
General
Full URL
https://katerionews.com/wp-content/themes/supermag/acmethemes/gutenberg/gutenberg-front.css?ver=1.0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2f759732212e67ffa0b6e9b3a2107d4e4b37adfc249f02d5247013a1533283a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Feb 2022 11:34:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"61fe60e2-47f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AH%2Bf%2BQyUCY1jclndJj7KGz78Nn6DLqZ1kSB7s6%2F%2BI1UPAflPfJhCmouC9%2Bhq3gKmqEHe54m7vrAnaR%2B5BoPfoNZDkjFwFZLcU3aHpC1JMH1b3zJj%2BRqiXK1fooykY6EZ2sGiDXrUGop7Sho4rzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7c795aab6f675c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
jquery.min.js
katerionews.com/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://katerionews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:41:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"644acfea-15ed7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEyE0j6l0kNVk%2BOdy4hQGyEz%2FWY4jgXDTNge7FgTPdRJI%2B2lx2FFcgRdV%2FTJFxBl%2Fw5Rhiy0DgqaisblDglnq5OWmyN210P5noeLGizqeTOWIrg0AAuUHhC1HrmBVxsmQlfazo5b3W7ikrweGbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aab6f795c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
jquery-migrate.min.js
katerionews.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://katerionews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:41:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"644acfea-3470"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMlCgYz8SqCM1awr6bCJ%2Fj7cJ0IlO51jIvmLJtNPFQ%2Bi9ZhT3aWR7KksZZ3nAiZqf4%2BqWr3rFWwYQIUMo%2F978kkQf%2BiGDiqe6ghMTRWYobXDk5LpLVklK4NRI86GqCf6qJXWloLXpKP5JF1bEPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aab6f7a5c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
regenerator-runtime.min.js
katerionews.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://katerionews.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:41:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"644acfea-19cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwvV1FCaL6A7YmyRDzoek11Y4dbfFzm57qJlE9s2wP0q0xT%2Fy300MnvWLO%2FKcnq%2Fgqbw0aNcKJrkNQW%2BlKY%2FAiA6s6eH7%2Fyh76vgfV4f2xAU5KMg1QUPJrd74XL%2BL%2BzByTaQg%2BfA3S5FL%2BYfYzE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aab6f745c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
wp-polyfill.min.js
katerionews.com/wp-includes/js/dist/vendor/
17 KB
7 KB
Script
General
Full URL
https://katerionews.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Sep 2022 15:43:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"6329dfa1-459f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzwWtR0QY2vPNR4Xhkc1N5xv7NechCV6NyI8P02DUNdCm4fFS%2FSrDEh33rC0vcPpG%2B0jcBcR%2BAmtE7UV2w6UkKv%2B%2Bm7gMQcYHsq6LpnGevy8eE1ArSR2XQH1yUenYjQtU1kp88GIkeZsD0SbvoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aab6f735c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
dom-ready.min.js
katerionews.com/wp-includes/js/dist/
498 B
624 B
Script
General
Full URL
https://katerionews.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Apr 2022 12:04:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"6254194e-1f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYaN%2Bi81ezgeMBsaR2eMh6LNKg4%2FDbItbz%2Buui2g8JmK3uupt1puriVIJKT4Qz5Ov4dIQHaU%2B8JTxN2qbLZju%2BuSv6WaOvLQrqXGhQSeq9gxlFPJY%2B4N1JQqDAE01t5BvdkwjwVf7bbV%2FZDmOsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aab6f785c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
base.js
katerionews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/
720 B
573 B
Script
General
Full URL
https://katerionews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.5.0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Jan 2023 11:35:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"63c92b0f-2d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSvlHJ0WLMmdv%2B%2F2027oJZHavJZ2ZpgTEWRJipXnLAigqJyNyxKWC4Z%2B8qi0ywqFSfmPn1JvoX3x5C%2FSZ0Ngzsb1gk8tli0t7vbMmToqmf3MljEe8Kg0Ar8QZiUiujnzf72RC1EVn6JHrBHGjFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aab6f755c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
notbot.js
katerionews.com/wp-content/plugins/wp-simple-firewall/resources/js/shield/
5 KB
2 KB
Script
General
Full URL
https://katerionews.com/wp-content/plugins/wp-simple-firewall/resources/js/shield/notbot.js?ver=16.1.14&mtime=1674128137
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4865394c997ec6daa7530ce6d4e6c21e149a09d8d7058f0ffcc7a7771e36a6e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:41:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"644acfd6-14cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnrVQ8d0mCMm%2FBHgI8j2kYMIHEHbSifc3f%2FklhWofdZjO7F9u73aA18AOF4Pi%2FWIFWYV7UgtL1xeazV0wqioqmFuL2vgvOnEYp3ODI2WoZytBwdeYrWmLQ87aOMiBX8Z9klx3VBsV35GqBmSduU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aab6f715c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
loginbot.js
katerionews.com/wp-content/plugins/wp-simple-firewall/resources/js/shield/
3 KB
1 KB
Script
General
Full URL
https://katerionews.com/wp-content/plugins/wp-simple-firewall/resources/js/shield/loginbot.js?ver=16.1.14&mtime=1674128137
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
474776eb17d0e4ca038f4994076ede6f4017ecdf91eff0d3d074c3b7bb6a5a97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:41:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103326
etag
W/"644acfd6-c9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUABeONt1MemgG7VB8PXsrPvcQ3wjEtZDZ%2B29UzEgVL3NhjnW6ljMyMbHSWe8mJpYRt32xJbQ53rcutVAxAjyCCMIYuGyBvFMzd0iVC91MxrdF9cbNbF8FnWzAs0zQLkGjmOoFwNGLg%2BJmYJW6c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aab6f775c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:30 GMT
katerionews.comhead.js
jscdn.greeter.me/
8 KB
8 KB
Script
General
Full URL
https://jscdn.greeter.me/katerionews.comhead.js
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
226d63070977daaa2f82aad016a0207efaecfe2b818a4373b4675a0e1b5d0345
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Thu, 27 Apr 2023 08:24:42 GMT
x-amz-request-id
tx000000000000077ddd724-006461cc1e-97671145-fra1b
etag
"aac2da2ccc3948c99a291016a946d45c"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1684132456.dop251.am5.t,1684132456.cds204.am5.hn,1684132456.cds316.am5.c
content-type
text/javascript
cache-control
max-age=1990
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
8319
katerionews.comdynamic.js
jscdn.greeter.me/
8 KB
8 KB
Script
General
Full URL
https://jscdn.greeter.me/katerionews.comdynamic.js
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
531278a3ace8dcd7e7c86086a174d4779bd1c1042e51798e6801aad0cb96f766
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Thu, 27 Apr 2023 08:24:37 GMT
x-amz-request-id
tx000000000000077dd40bf-006461cbe4-97671145-fra1b
etag
"601d8420986f3b5983088b1cbf6643fe"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1684132456.dop251.am5.t,1684132456.cds204.am5.hn,1684132456.cds244.am5.c
content-type
text/javascript
cache-control
max-age=1932
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7915
tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c.js
player.adipolosolutions.com/cdn/tags/
37 KB
37 KB
Script
General
Full URL
https://player.adipolosolutions.com/cdn/tags/tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c.js
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3c5eaeadeae2ed0bb83f2c5afa942cf6a48c5f6736e55bc85b65dfd99fe8e846

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 05:38:38 GMT
age
3338
x-guploader-uploadid
ADPycds3n8X9IzVxM7O95hE_tkSh0POJ-KpwZLIPSsqKzTMntVq8-OttVV1RUaUlEYdpxeaWkhQhNP5DCXE4Fc9i6S9cCQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37619
last-modified
Wed, 10 May 2023 19:02:57 GMT
server
UploadServer
etag
"70a49420ce464d0851f17c84ce6f7200"
x-goog-generation
1683745377074533
x-goog-hash
crc32c=G97Etw==, md5=cKSUIM5GTQhR8XyEzm9yAA==
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
37619
accept-ranges
bytes
content-type
text/javascript;charset=UTF-8
katerionews_com_27f21a7
tags.smilewanted.com/formats/corner-video/
14 KB
5 KB
Script
General
Full URL
https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4424acd23ea2142e2b60075703aa8a3df1ef3aee192807e3da9ffb3f3d9e7fda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 15 May 2023 05:07:55 GMT
server
cloudflare
age
5181
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7c795aab8c192c00-FRA
cropped-kn-1.png
katerionews.com/wp-content/uploads/2023/01/
10 KB
10 KB
Image
General
Full URL
https://katerionews.com/wp-content/uploads/2023/01/cropped-kn-1.png
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3278dc214a7ce0f416b7cdcf436537508aa95be0b953bf98c9272fdac2fc9d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1103215
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10027
last-modified
Thu, 19 Jan 2023 11:37:44 GMT
server
cloudflare
etag
"63c92b88-272b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qG14HRm8iCbEB4tANiK8uo6LFgPyB1IN6gtYBK3525ITQBftIWSUVv1RgE5g5wuy%2F5CUTuxyOZYsl1vqvsSeZHgNJKTJZyb3Cf4StW4XiIelrwNy6UqZJgSof%2BbIN0hfWZAxnMVcoTjza0jIL%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c795aac5d639100-FRA
expires
Thu, 01 Jun 2023 12:07:21 GMT
style.css
katerionews.com/wp-content/plugins//automatic-video-posts/public/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://katerionews.com/wp-content/plugins//automatic-video-posts/public/assets/css/style.css?ver=5.2.7
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f7bafa8c851ebd19002c6800701bad1729c46307ec72ef33ef8d6be928a8753

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 12:36:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103215
etag
W/"615700d5-620"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5VKfcSeNy45EKzdlhWhq4iO0D7z8j7n67q9DJDlWc0ujxhrglEHLbwkLr2cODn2XB%2FyhFIZGYObrTX17p42b6ok12GVNRcavm3hBt7NPoa6arYjPJ0F%2B7%2FzbPZ%2F2guu7nUe8t2FydsqC9MRyPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7c795aabacda9100-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:07:21 GMT
index.js
katerionews.com/wp-content/plugins/contact-form-7/includes/swv/js/
10 KB
3 KB
Script
General
Full URL
https://katerionews.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103215
etag
W/"644acfcd-2801"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gg9H9gOaHbOals%2FoKqTLFwVdbi7KZnYQMkhOTDJtexbGmfu4TGjmCN%2BcKAvw3MWk4ighI23QXIuUSB%2FRIsr%2BgKK2O4VHaY2S2V9OhkNGmBmOl8Enh14n7O3L0qkLfHEtk5TuPy6HmrlXqVphEw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aabccea9100-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:07:21 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/
82 KB
83 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:36 GMT
x-content-type-options
nosniff
age
36040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84380
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 May 2024 20:33:36 GMT
index.js
katerionews.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
5 KB
Script
General
Full URL
https://katerionews.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103305
etag
W/"644acfcd-328f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0AyCf1RfoNS9ne2WN%2B3l6mKliU59DnkMKjoI0TrQQllF3xTiDbFFSP8c05CqYRkkdcsf6jQPW7BU559wIPHw65SB6IhkdMyf9G9J8Oh9Y6O7GEQmO65BVcF%2BSBavuo9iemaJL%2BPRNM9ygMNvrY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aac3d539100-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:05:51 GMT
jquery.bxslider.js
katerionews.com/wp-content/themes/supermag/assets/library/bxslider/js/
66 KB
15 KB
Script
General
Full URL
https://katerionews.com/wp-content/themes/supermag/assets/library/bxslider/js/jquery.bxslider.js?ver=4.2.5.1.2
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5836e342b13c5e478c0587befc676af479166eefb14a1887f73783f2716cc31f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Feb 2022 11:34:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103215
etag
W/"61fe60e2-1061b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA1YL9iaBaW53eeUkL%2BJ507GFTD0LHouyqtaCgTi0dKCiB5oRGCrrkaMzllnZmgvz0dxPcLpmEdW33lHLKglacFYkbm2103Q7OetZLpGCI79%2B5A9Rtfcbk9CsLw7YEKIVHZJD3V22K3LP9sKoYA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aac4d5e9100-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:07:21 GMT
theia-sticky-sidebar.min.js
katerionews.com/wp-content/themes/supermag/assets/library/theia-sticky-sidebar/
5 KB
2 KB
Script
General
Full URL
https://katerionews.com/wp-content/themes/supermag/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.min.js?ver=1.7.0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb242b5f299cd08ee579ad1b46e13cb235bb595dd10b03fab7dfadfc61103be6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Feb 2022 11:34:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103215
etag
W/"61fe60e2-1537"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQjXG%2FMlbKydl8xhz3%2B5EiSBozyABtK1gtYgp73xVHxgG2wfGzgEAPNQfVcIUT9EiUrW0q%2FYX5Na4GgSkQT0kU3tz5XJc0rgL0QLlpSz3Fnnnwb9DFb4P93%2FHwdgqjDm7WsP4AkFvpW5aVR9vtE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aac5d609100-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:07:21 GMT
supermag-custom.js
katerionews.com/wp-content/themes/supermag/assets/js/
19 KB
5 KB
Script
General
Full URL
https://katerionews.com/wp-content/themes/supermag/assets/js/supermag-custom.js?ver=1.4.0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7724e3d047bd094825f7e457996cb1f75a8fae6f99b38ae8a68baa65d667ed6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Feb 2022 11:34:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103215
etag
W/"61fe60e2-4a73"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPteoa5kNG%2BeehcyD0flbmdnh6d%2F419ub4jHUnqlZJeYG6%2BB3KtTQFjSxHxSMOShchCMMcZKyeLIzr5q%2FYcpZTck8w1dTXVKbGFFTBs%2FyWpMBgBqhnn%2BLCMXIYxHwc7D9S3NmsWVKgvyeV53XTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aac5d619100-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:07:21 GMT
scripts.js
katerionews.com/wp-content/plugins//automatic-video-posts/public/assets/js/
2 KB
1 KB
Script
General
Full URL
https://katerionews.com/wp-content/plugins//automatic-video-posts/public/assets/js/scripts.js?ver=1.0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c474724239d651fa1cc6b85d69083ea4eb92237083e319ec4f29650bb94c13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 12:36:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1103215
etag
W/"615700d5-6df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9Mm%2F5s1kUqdHJPFk6bX%2BZCOdoxi6Dzt2wA22V7TTY3KOS9uy79yvjT6odBf7xLf3boYB9VYJqjvZ95QLU7Ij3baCk4tNQi5xRy8JLnpviwfgm%2BTmHmEglJQkpkqlunGE0WZ3tysJsZ1JfKyZHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c795aac5d629100-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jun 2023 12:07:21 GMT
style.css
tags.smilewanted.com/formats/config_formats/corner-video/katerionews_com_27f21a7/
5 KB
1 KB
Stylesheet
General
Full URL
https://tags.smilewanted.com/formats/config_formats/corner-video/katerionews_com_27f21a7/style.css
Requested by
Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc407b6b3fbd5020ef439472c3adb6aab02e76066e1aa040d2f47ea6a5c4e77a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 15 May 2023 06:10:07 GMT
server
cloudflare
age
1449
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=86400
cf-ray
7c795aac5d122c00-FRA
ima3.js
imasdk.googleapis.com/js/sdkloader/
359 KB
120 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8158ef9b95cd261be4d1ae9495472c1ce8e470c43d1a782367ae24d0d5aac39a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122506
x-xss-protection
0
expires
Mon, 15 May 2023 06:34:16 GMT
adx
pubads.g.doubleclick.net/gampad/ Frame 587C
0
570 B
Document
General
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/275831643/pixel_dar_test&sz=1x1&t=sw_domain_name%3Dkaterionews_com_27f21a7&1684132456375
Requested by
Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 06:34:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
google-creative-id
-2
google-lineitem-id
-2
google-mediationgroup-id
-2
google-mediationtag-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adcall.php
prebid.smilewanted.com/track/analytics/
0
0

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A600%2C400%7CRoboto%3A300italic%2C400%2C500%2C700&ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://eqywj.katerionews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 00:21:44 GMT
x-content-type-options
nosniff
age
195152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 00:21:44 GMT
NjlqR1A5RWZXcmpJc2tqaEp3S094dz09
waaw.to/e/ Frame BA84
140 KB
40 KB
Document
General
Full URL
https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
06c28a97e6d5b7ad0e007763bea847ae2867c1ef5a426d04bc6a07caf54ea1f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 06:34:17 GMT
link
<//waaw.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
p3p
policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
pragma
no-cache
server
Google Frontend
vary
Accept-Encoding
x-cache-status-inferno
MISS
x-content-type-options
nosniff
x-inferno-limit-req
PASSED
x-inferno-location
player
x-origin-location
player
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection
1; mode=block;
css
fonts.googleapis.com/
2 KB
643 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/config_formats/corner-video/katerionews_com_27f21a7/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tags.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 05:14:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 06:34:16 GMT
icon
fonts.googleapis.com/
569 B
439 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/config_formats/corner-video/katerionews_com_27f21a7/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tags.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 06:34:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 06:34:16 GMT
fontawesome-webfont.woff2
eqywj.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://eqywj.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/css/font-awesome.min.css?ver=4.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://eqywj.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/css/font-awesome.min.css?ver=4.7.0
Origin
https://eqywj.katerionews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
95288
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Sat, 05 Feb 2022 11:34:58 GMT
server
cloudflare
etag
"61fe60e2-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBxZF5Vx9n88n6ITwWBnmZ3T8kPmfgIQ0aETIKV2ZlmvjgEDj2rYlSQqXGduCVLEIwyVu3qjOaFnk0PZdf5boBpCKTtLsIKy3Qh9Ph9dXUaVkdSj4ayUQfrIhDTKEIiCQjuBoHAM6YrrpJGykLQGTUx3LWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c795aac7d819100-FRA
expires
Tue, 13 Jun 2023 04:06:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A600%2C400%7CRoboto%3A300italic%2C400%2C500%2C700&ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://eqywj.katerionews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 02:06:17 GMT
x-content-type-options
nosniff
age
275279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 02:06:17 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A600%2C400%7CRoboto%3A300italic%2C400%2C500%2C700&ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://eqywj.katerionews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 21:03:36 GMT
x-content-type-options
nosniff
age
120640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 21:03:36 GMT
u4L21JI5AqA-649x365.jpg
katerionews.com/wp-content/uploads/2023/01/
24 KB
24 KB
Image
General
Full URL
https://katerionews.com/wp-content/uploads/2023/01/u4L21JI5AqA-649x365.jpg
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d88a09aa109b7bac1e729cd73e9272423b7e43d3c5af2fa3716c512f2f51d91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1103160
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24574
last-modified
Tue, 24 Jan 2023 11:32:23 GMT
server
cloudflare
etag
"63cfc1c7-5ffe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOHuwy1MbMKzK1mKHzRqxvEm0Wi2dMEaOmOmkrLFjjaHNvL%2FTSMV6Zwa1wFw5nFlvvvQdlIxkxqUkVXW4m6i54msse%2BUub4aTD24aJtrL9C5%2F1mNuw6JyR%2Fd6AcibRuCfVAG7FEPjoFx27L%2FAUA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c795aac8d899100-FRA
expires
Thu, 01 Jun 2023 12:08:16 GMT
sKAIdZf8A_g-649x365.jpg
katerionews.com/wp-content/uploads/2023/01/
39 KB
39 KB
Image
General
Full URL
https://katerionews.com/wp-content/uploads/2023/01/sKAIdZf8A_g-649x365.jpg
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0db0297d1c3aebb37d57589a3a4173d57037d784a5e53435e6af47b226b3a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1103304
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39622
last-modified
Tue, 24 Jan 2023 11:32:22 GMT
server
cloudflare
etag
"63cfc1c6-9ac6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7lxHELXG9Hp5ybtOFInCTejnzFyb9MZ4lzns8lqSITqn6jeXTkUBf4KCVgi129DsStlXb64Oksbpf1F1PgJ7uysYI0Djm7jruL4XLT9uFfBBiKO7fHyWiJ2%2F1BXzSoS6T2JmMR7ZAyN2YXsPlo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c795aac8d8a9100-FRA
expires
Thu, 01 Jun 2023 12:05:52 GMT
7q-j87W5XgA.jpg
katerionews.com/wp-content/uploads/2023/01/
31 KB
31 KB
Image
General
Full URL
https://katerionews.com/wp-content/uploads/2023/01/7q-j87W5XgA.jpg
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3d371d468b3c78f4f75bb0395c0335eba859ecb6c9a66c0b4a6f8002f5a1c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1103411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31242
last-modified
Tue, 24 Jan 2023 11:32:19 GMT
server
cloudflare
etag
"63cfc1c3-7a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5wQl95o9vj%2FUwhIpNVvnpiUvzlLCNBfzna5iUWumqSHqkbu81gXKP0l5VC%2BKkxH%2FEBtSm7GuVyU6hBQFbz5VlBUm6vHJlnlPb8SXiWPtlktpsF4P3ZI66UQG7DwwmTcw6doHoABaez0h%2F6rG6s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c795aac8d8b9100-FRA
expires
Thu, 01 Jun 2023 12:04:05 GMT
B0Jiu7ujCpE.jpg
katerionews.com/wp-content/uploads/2023/01/
36 KB
37 KB
Image
General
Full URL
https://katerionews.com/wp-content/uploads/2023/01/B0Jiu7ujCpE.jpg
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5624a88713c68344740b801d8dab70d5daf32d5c1636fa151197dd69839b7be3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1103411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36989
last-modified
Mon, 23 Jan 2023 23:32:17 GMT
server
cloudflare
etag
"63cf1901-907d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oZ2AHDrCQoBzs1FsTAM4ewktr0EAGnyjGyJlxDWM%2BwYt8RoIxZla4bBOXr8%2F3VJrxN8ps8wjIcXQTtj4PK9TFnMdlPAzInzv8TS2RmEY4A4L967nxmWJx5n%2FX0BTmcs%2FjGTxRjNqiMn4op%2B5jA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c795aac8d8c9100-FRA
expires
Thu, 01 Jun 2023 12:04:05 GMT
MYuX_kCy1Jk-649x365.jpg
katerionews.com/wp-content/uploads/2023/01/
34 KB
35 KB
Image
General
Full URL
https://katerionews.com/wp-content/uploads/2023/01/MYuX_kCy1Jk-649x365.jpg
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032f68a2c878b1ddcf04bc6aee774a8ea165de501cf2e37b2a701ff7e01f6870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1103160
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34869
last-modified
Mon, 23 Jan 2023 23:32:19 GMT
server
cloudflare
etag
"63cf1903-8835"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WZq5G7chQgRdM5X8qJJIHd44rDqX%2FLV2Ger2WaxyrrejPSvSFfdBIxCwi4UwZvjLXkhDgwXGGIheG5qI7bjfStKYb4%2B66qtpfNUVHHRGXOUiQiw3g5olDTzPRfCZkqD3BP1zkl3mYsY1JWvDQU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c795aac8d8e9100-FRA
expires
Thu, 01 Jun 2023 12:08:16 GMT
TRsDnG7NXDs-649x365.jpg
katerionews.com/wp-content/uploads/2023/01/
33 KB
33 KB
Image
General
Full URL
https://katerionews.com/wp-content/uploads/2023/01/TRsDnG7NXDs-649x365.jpg
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c27d0d4f88d0ad490f3a92e9d7c387987952eb7e713d150208a4af31a45ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1103160
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33706
last-modified
Mon, 23 Jan 2023 23:32:20 GMT
server
cloudflare
etag
"63cf1904-83aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHQvOYCQibUfWRbNpKTblsWuUxgovR1dEk%2FA11Hurme68fAqN%2FERpcmcdgZNyysJ3k8tEMbGjU%2FWV5h0BxOmFTmppIHE6tft2qP90tsE2wCH3vduP0qEtCn4aUlizuwc4IFhFsgwT6IhRj0dhug%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c795aac8d909100-FRA
expires
Thu, 01 Jun 2023 12:08:16 GMT
/
track-selectmedia.com/trackv4/
0
418 B
Image
General
Full URL
https://track-selectmedia.com/trackv4/?&d5=eqywj.katerionews.com&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d2=1684132456&e=0&cb=1684132456455
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb_741094_17335.js
player.aplhb.adipolo.com/prebidlink/467814/
915 B
759 B
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/467814/hb_741094_17335.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/katerionews.comhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
824b856ba4cfec276cdc77b2f33fb95a5fe9082b982b697f463f7b46ffbbbb23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
last-modified
Sun, 14 May 2023 20:47:03 GMT
server
nginx
etag
W/"646148c7-393"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 15 May 2023 07:34:16 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
75 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/katerionews.comhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
851f07728f20f097bea1cd996b80ea9448e4a695b5d16503ba445f77f8ed5560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25242
x-xss-protection
0
server
cafe
etag
267 / 19492 / 31074558 / config-hash: 12209807291441061903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 May 2023 06:34:16 GMT
wrapper_hb_741094_17335.js
player.aplhb.adipolo.com/prebidlink/467814/
2 KB
1 KB
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/467814/wrapper_hb_741094_17335.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/katerionews.comhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6d5f9ebd2914b0131567c5cd6b16f2c7cf21694e8d9be800c8436b6bad12db53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
last-modified
Sun, 14 May 2023 20:47:03 GMT
server
nginx
etag
W/"646148c7-6fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 15 May 2023 07:34:16 GMT
gpt.js
www.googletagservices.com/tag/js/
74 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/katerionews.comhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
975021afa1047e3ff95663bec51055dcccb9fb3b542dafac4293fb2e0eb1897d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25234
x-xss-protection
0
server
cafe
etag
449 / 19492 / m202305090101 / config-hash: 12209807291441061903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 May 2023 06:34:16 GMT
hbp_master_741094_17335.js
player.aplhb.adipolo.com/prebidlink/467814/
294 KB
93 KB
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hb_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
788e83f577fb6cab6cbea678a8fa56ec24dcf960108971fa2f6d7f61bcd414c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 11:11:26 GMT
server
nginx
etag
W/"643d295e-498f9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 15 May 2023 07:34:16 GMT
hbw_master_741094_17335.js
player.aplhb.adipolo.com/prebidlink/x467814/
93 KB
32 KB
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/x467814/hbw_master_741094_17335.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/wrapper_hb_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
67033b6a599c714d8f8890117430cd49030ad32a2906005b2248532163f10e1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
last-modified
Sun, 14 May 2023 20:47:03 GMT
server
nginx
etag
W/"646148c7-17458"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 15 May 2023 07:34:16 GMT
apstag.js
c.amazon-adsystem.com/aax2/
230 KB
57 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467814/hbw_master_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 05:36:46 GMT
content-encoding
gzip
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront), 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:07 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1, FRA56-P3
age
3451
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
q2-KGFquFZt_SOxw5VL3Ck5FSPJmTb7624feR73XZauZqVyyKyxR3w==
/
ghb.aplhb.adipolo.com/geo/
149 B
426 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467814/hbw_master_741094_17335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
dc3e5b363ee720089ba447abefefc3354882a3c290c187e19c221cce88dc6754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:16 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://eqywj.katerionews.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
149
tracking
ghb.aplhb.adipolo.com/adunit/
43 B
440 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=741094&site_id=17335&full_page_url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&adid=ogzc7r.kb&features=81952&vpbv=N143&tte=155&lifecycle_tte=597
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467814/hbw_master_741094_17335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:16 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://eqywj.katerionews.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
xa2et.js
geo.dailymotion.com/libs/player/
35 KB
14 KB
Script
General
Full URL
https://geo.dailymotion.com/libs/player/xa2et.js
Requested by
Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
c84610f1791a022a8fba661dab5ef6adb6d2305f704d5a88dc28fae6b29ae49b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Date
Mon, 15 May 2023 06:34:16 GMT
Server
DMS/1.0.42
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary
X-DM-SSL, Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Server-Timing
total;dur=20, dc;desc="dc3"
Timing-Allow-Origin
*
Content-Length
13091
config
c.amazon-adsystem.com/cdn/prod/
0
315 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Feqywj.katerionews.com&pubid=00ed17ab-4189-4639-9d5e-15acd40affde
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:15:19 GMT
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
1136
x-cache
Hit from cloudfront
access-control-allow-origin
https://eqywj.katerionews.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Nz2eyIBynn8l4NITIrcy86rUvSj_kDznz0DVxfRKvr5rxvnW6sW1Kw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 04:51:30 GMT
x-amz-cf-pop
FRA56-P3
age
19977
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
pl5cft2oMIMPCEDX7tQYOajPWadYjB-_3dxGz6uuFpaqhiGV43Tizg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/
406 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:54:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
34772
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128048
x-xss-protection
0
server
cafe
etag
352811828592807000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 13 May 2024 20:54:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
2 KB
559 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=eqywj.katerionews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e20317c5f13ccae4cade19399ac549a443cfef0263c520832c6d491b0dc4117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
534
x-xss-protection
0
expires
Mon, 15 May 2023 06:34:16 GMT
infos_corner_video.php
tags-videos.smilewanted.com/
3 KB
1 KB
Script
General
Full URL
https://tags-videos.smilewanted.com/infos_corner_video.php?domaine=katerionews_com_27f21a7&device=desktop&url=https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&path=/hot-news/&consent_string=undefined&is_fb=false
Requested by
Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d230b0c420f85b1a5024fc55cb97b64f5a4919a19f20f9fca856fe5972bada0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7c795aaef8852c00-FRA
content-type
application/javascript
config.json
player.adtelligent.com/exchange_rates/313490/
11 KB
5 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a5bb06f7aad58dfb341479a6b2e90feb35288b9f7b4c0b31cfce85c8bd2b4966

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 17 May 2023 06:34:16 GMT
date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
last-modified
Sat, 13 May 2023 12:04:16 GMT
server
nginx
etag
W/"645f7cc0-2a82"
content-type
application/json
access-control-allow-origin
https://eqywj.katerionews.com
cache-control
max-age=172800
x-proxy-cache
HIT
bid
aax.amazon-adsystem.com/e/dtb/
23 B
466 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&pr=https%3A%2F%2Fwaaw.to%2F&pid=6UaJVEuMtYSoZ&cb=0&ws=1600x1200&v=23.505.1627&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-8176806-4%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F21939239661%2C22893780809%2Fapl%2Faplmcm%2Frich%2Fadx22893379435%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!adipolo.com%2C22893780809%2C1%2C%2C%2C&pubid=00ed17ab-4189-4639-9d5e-15acd40affde&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
4G0GKM390P3SA8ACQEV7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://eqywj.katerionews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
BBiumMf3Lo4qDgLnVFqTEauWciH1BDQy__B0CM11SCi5cSJDGRw7Ig==
adreq
ads.servenobid.com/
405 B
559 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=70
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
80d3da84d93b3bca156a7a356f3a739edd4a6a15cdcfd60c8d058f4322d6e526

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://eqywj.katerionews.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
0
280 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://eqywj.katerionews.com
date
Mon, 15 May 2023 06:34:16 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/
24 B
408 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
2937afada54f23175669f7f8c41801f0de537707dad7d309b31d61a1f5559d8b

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 May 2023 06:34:16 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://eqywj.katerionews.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cdb
bidder.criteo.com/
18 B
319 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=81356763532&lsavail=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://eqywj.katerionews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid-request
onetag-sys.com/
15 B
369 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://eqywj.katerionews.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=37789518778&lsavail=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://eqywj.katerionews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
script.js
tags.smilewanted.com/formats/config_formats/corner-video-ima/katerionews_com_27f21a7/
68 KB
11 KB
Script
General
Full URL
https://tags.smilewanted.com/formats/config_formats/corner-video-ima/katerionews_com_27f21a7/script.js
Requested by
Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
525fc0f0bbae2989ae5c6c462203965b22f0a6aab3805038c4050f6e0000201c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7c795aafa9322c00-FRA
content-type
application/javascript; charset=utf-8
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://eqywj.katerionews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 12:25:59 GMT
x-content-type-options
nosniff
age
151697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 12:25:59 GMT
bridge3.573.0_en.html
imasdk.googleapis.com/js/core/ Frame 6A1A
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.573.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d874ba7d932f73df5bc8501b80fdc1afeef566768248b7f06e392571f562b8ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231088
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 13 May 2023 04:47:18 GMT
expires
Sun, 12 May 2024 04:47:18 GMT
last-modified
Sat, 13 May 2023 04:42:04 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 May 2023 06:34:17 GMT
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=eqywj.katerionews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
23 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=230824176954640&correlator=1626036061915344&eid=31074535%2C31074540%2C31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fifs&iu_parts=21939239661%3A22893780809%2Capl%2Caplmcm%2Crich%2Cadx22893379435&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C320x50%7C320x100&ifi=1&adks=778162663&didk=2675907386&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26amznbid%3D1%26amznp%3D1%26excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1684132457015&lmt=1684132457&dlt=1684132456199&idt=657&adxs=589&adys=25&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&ref=https%3A%2F%2Fwaaw.to%2F&frm=20&vis=1&psz=795x0&msz=795x0&fws=0&ohw=0&ga_vid=1957477600.1684132457&ga_sid=1684132457&ga_hid=42405692&ga_fc=false&cbidsp=CtgDCAEyB3Y3LjM3LjASEgoFbm9iaWRSBW5vYmlkEGggAhIOCgNhbXhSA2FteBA4IAISDgoDYW14UgNhbXgQOCACEhIKBXNvdnJuUgVzb3ZybhA5IAISEgoFc292cm5SBXNvdnJuEDkgAhISCgVzb3ZyblIFc292cm4QOSACEhIKBXNvdnJuUgVzb3ZybhA5IAISEgoFc292cm5SBXNvdnJuEDkgAhI6ChVjcml0ZW9fbmF0aXZlX2FkaXBvbG9SBmNyaXRlb1IVY3JpdGVvX25hdGl2ZV9hZGlwb2xvED4gAhIUCgZvbmV0YWdSBm9uZXRhZxAeIAISFAoGY3JpdGVvUgZjcml0ZW8QUyACEhQKBmNyaXRlb1IGY3JpdGVvEFMgAhIUCgZjcml0ZW9SBmNyaXRlbxBTIAISFAoGY3JpdGVvUgZjcml0ZW8QUyACEhQKBmNyaXRlb1IGY3JpdGVvEFMgAhIUCgZjcml0ZW9SBmNyaXRlbxBTIAISFAoGY3JpdGVvUgZjcml0ZW8QUyACEhQKBmNyaXRlb1IGY3JpdGVvEFMgAhgCIiRiMmFhZjY4NC05MjQyLTQwODItOWY5ZC03YWEzN2E4YTRhMTAqBAgDIABKAEDQDw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5cc76ca75c8dfd1f7de9fc1c14086ad4bded8ecdc82a091a890636a63f25c82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11124
x-xss-protection
0
google-lineitem-id
6288361622
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138430878158
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://eqywj.katerionews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a1fb36eb5e79c4c336a78c85999d0db3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E712
6 KB
3 KB
Document
General
Full URL
https://a1fb36eb5e79c4c336a78c85999d0db3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 06:34:17 GMT
expires
Tue, 14 May 2024 06:34:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
271231
search.spotxchange.com/vast/2.00/ Frame 6A1A
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.00/271231?VPAID=JS&content_page_url=https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&cb=1684132456983&VMaxd=120&custom_skin=1&player_width=640&player_height=480&custom[vd]=0&schain=1.0,1!smilewanted.com,4192,1,,purifydigital.com,purifydigital.com,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.573.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:17 GMT
X-SpotX-Timing-SpotMarket-Primary
0.014776
X-SpotX-Timing-Transform
0.000274
Content-Encoding
gzip
X-SpotX-Timing-SpotMarket
0.106586
X-SpotX-Timing-Page-Require
0.000563
X-fe
103
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.003785
X-SpotX-Timing-Page-Cookie
0.000032
Content-Length
79
X-SpotX-Timing-Page
0.112499
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000392
Last-Modified
Mon, 15 May 2023 06:34:17 GMT
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
X-SpotX-Timing-Page-Exception
0.000001
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000009
X-SpotX-Timing-SpotMarket-Secondary
0.091810
X-SpotX-Timing-Page-Mux
0.000857
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
websocket_ip.min.js
waaw.to/js/ Frame BA84
5 KB
2 KB
Script
General
Full URL
https://waaw.to/js/websocket_ip.min.js
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Fri, 20 Jan 2023 13:44:36 GMT
server
Google Frontend
etag
W/"63ca9ac4-121c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
netu.php
testingmetriksbre.ru/ Frame BA84
1 KB
1 KB
Script
General
Full URL
https://testingmetriksbre.ru/netu.php
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
fd45bb46808611318ab74c39100ef0aa9aa78e5ad508e6219d0ec8d4d52f2a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqJ9QZB9zEN1t9mVuMHoUikE45ON6Gg6Tp%2Frd7xTbB8dLrsTBaPRAc%2B7qwNG0Sgdjx86Bdy6IlRMLgYcXL8hH%2F1VcX2X4sOiCITxbOF8FHL0MJssEa4aSSjXHQf8zvqQsFIx1RXCTH97gteOag5tRYl8zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7c795ab1d93418b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed_player.3.css
waaw.to/styles/global/ Frame BA84
6 KB
2 KB
Stylesheet
General
Full URL
https://waaw.to/styles/global/embed_player.3.css?130
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Wed, 09 Dec 2020 22:16:37 GMT
server
Google Frontend
etag
W/"5fd14cc5-1701"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
modernizr.js
waaw.to/js/video.jquery_plugs/ Frame BA84
1 KB
980 B
Script
General
Full URL
https://waaw.to/js/video.jquery_plugs/modernizr.js?12
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Sun, 03 Jun 2018 17:19:35 GMT
server
Google Frontend
etag
W/"5b142327-4cb"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
progressbar.min.js
unpkg.com/progressbar.js@1.1.0/dist/ Frame BA84
29 KB
9 KB
Script
General
Full URL
https://unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1529482
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GZ1F7QK7XZSJY1YG22G73CEA-fra
server
cloudflare
etag
W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c795ab21e883a74-FRA
jquery.min.js
unpkg.com/jquery@2.2.4/dist/ Frame BA84
84 KB
30 KB
Script
General
Full URL
https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8909518
last-modified
Fri, 20 May 2016 17:24:42 GMT
fly-request-id
01GR5H2Y819A0SKJQ1MNKQXVV8-fra
server
cloudflare
etag
W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c795ab24eae3a74-FRA
jquery.cookie.js
unpkg.com/jquery.cookie@1.4.1/ Frame BA84
3 KB
1 KB
Script
General
Full URL
https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8909517
last-modified
Sun, 27 Apr 2014 20:04:54 GMT
fly-request-id
01GR5H2YCAFMF3D1MX4HZT5RNC-fra
server
cloudflare
etag
W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c795ab28f013a74-FRA
csi
csi.gstatic.com/ Frame 6A1A
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogzcmb&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.573.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
error.php
prebid.smilewanted.com/track/analytics/
0
335 B
Ping
General
Full URL
https://prebid.smilewanted.com/track/analytics/error.php?id_site=22469&id_format=24&id_device=1&code_partner=smilewanted&error_json=%7B%22type%22%3A%22adLoadError%22%2C%22errorMessage%22%3A%22The%20VAST%20response%20document%20is%20empty.%22%2C%22errorCode%22%3A1009%7D&config_json=%7B%22site_id%22%3A22469%2C%22device_id%22%3A1%2C%22domaine%22%3A%22katerionews_com_27f21a7%22%2C%22format%22%3A%22corner-video%22%2C%22format_stats%22%3A%22corner_video%22%2C%22diff_jw%22%3Atrue%2C%22capping_type%22%3A%22jour%22%2C%22contenu%22%3Atrue%2C%22contenu_type%22%3A%22hosted_sw%22%2C%22close%22%3Atrue%2C%22close_type%22%3A%22percent%22%2C%22close_val%22%3A90%2C%22sound_hover%22%3Afalse%2C%22tags_vast%22%3A%5B%22https%3A%2F%2Fsearch.spotxchange.com%2Fvast%2F2.00%2F271231%3FVPAID%3DJS%26content_page_url%3Dhttps%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4%26cb%3D__timestamp__%26VMaxd%3D120%26custom_skin%3D1%26player_width%3D640%26player_height%3D480%26custom%5Bvd%5D%3D0%26schain%3D1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C%22%2C%22https%3A%2F%2Fvast.aniview.com%2Fapi%2Fadserver61%2Fvast%2F%3FAV_PUBLISHERID%3D5ef4bc022e79664d2b473869%26AV_CHANNELID%3D5fd512d6c22e4d461a608c85%26logo%3Dfalse%26vastretry%3D3%26AV_URL%3Dhttps%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4%26cb%3D__timestamp__%26AV_GDPR%3D1%26AV_CONSENT%3Dundefined%26AV_CUSTOM1%3D594147%26AV_CUSTOM2%3D1819404%26AV_CUSTOM3%3D0%26AV_CUSTOM4%3D0%26AV_CUSTOM5%3D0%26AV_CUSTOM6%3D0%26AV_CUSTOM7%3D271231%26AV_CUSTOM8%3D0%26AV_CUSTOM9%3Dinstream_sans_algo%26AV_CUSTOM10%3D1.0%252C1%2521smilewanted.com%252C4192%252C1%252C%252Cpurifydigital.com%252Cpurifydigital.com%252C%22%5D%2C%22dm_nb_video%22%3A1%2C%22nb_dm_videos%22%3A3%2C%22passback%22%3A%22%22%2C%22capping_num%22%3A0%2C%22dm_videos_ids%22%3A%5B%22x80idv5%22%2C%22x86t4da%22%2C%22x7yinbp%22%2C%22x7wj119%22%2C%22x81iuq0%22%2C%22x85sfe6%22%2C%22x7y4j2k%22%2C%22x84026m%22%2C%22x7xly5v%22%2C%22x7zjhqt%22%5D%2C%22timeout_jw%22%3A10%2C%22timeout_dm%22%3A3000%2C%22timeout_pb%22%3A12000%2C%22contenu_src%22%3A%22https%3A%2F%2Fstatic.smilewanted.com%2Fvideo%2F2019%2F04%2F05%2F4470.mp4%22%2C%22r%22%3Atrue%2C%22nb_i_d%22%3A2%2C%22nb_m_c%22%3A3%2C%22c_c%22%3Afalse%2C%22config_hb%22%3A%5B%5D%7D
Requested by
Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/config_formats/corner-video-ima/katerionews_com_27f21a7/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary7Dn5VXaXT4S2UGBV

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://eqywj.katerionews.com, https://eqywj.katerionews.com
access-control-allow-credentials
true, true
cf-ray
7c795ab2bc762c00-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=eqywj.katerionews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=eqywj.katerionews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
d_check.js
waaw.to/js/ Frame BA84
3 KB
1 KB
Script
General
Full URL
https://waaw.to/js/d_check.js?34
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Thu, 27 Feb 2020 14:57:53 GMT
server
Google Frontend
etag
W/"5e57d8f1-d8a"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
js.load.1.js
commentsmodule.com/js/ Frame BA84
5 KB
0
Fetch
General
Full URL
https://commentsmodule.com/js/js.load.1.js?4487228859782182
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
br
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKHlLNTqxtL8aYBr4T43l27AdaqOnFLT23e4Tpix8ZKcTIkqBEv7tuvI%2FxjtnAeANUGBT6W%2BN1a%2FANiE4aemk9bRe9KQij%2B%2BYNZkcN1%2FCeVMBcS0j07Y6WRyYKYNxf8CNtlEdcxp8L4x6xOr%2FbISW6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7c795ab31cfa9b55-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
embed.211.js
waaw.to/js/ Frame BA84
167 KB
46 KB
Script
General
Full URL
https://waaw.to/js/embed.211.js?736
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
1d85956e60f098d0e36bd9c3e3457ea595d083561c95edf8ddffb37a577dcb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Sat, 29 Apr 2023 15:48:32 GMT
server
Google Frontend
etag
W/"644d3c50-29c06"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
popunder.js
waaw.to/ad/api/ Frame BA84
0
0

embed_player.php
waaw.to/player/ Frame BA84
0
0

embed_player.php
waaw.to/player/ Frame BA84
50 KB
17 KB
Document
General
Full URL
https://waaw.to/player/embed_player.php?vpn=1&vid=1
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
4eab2eff2d1b563fef614caf4ea8054c48bf0d435a6e0a4c93281af5345f61ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 06:34:18 GMT
link
<//waaw.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
p3p
policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
pragma
no-cache
server
Google Frontend
vary
Accept-Encoding
x-cache-status-inferno
MISS
x-content-type-options
nosniff
x-inferno-limit-req
PASSED
x-inferno-location
player
x-origin-location
player
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection
1; mode=block;
view
securepubads.g.doubleclick.net/pcs/ Frame EE2C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnliTjxBBtC8C2St6dEH6PLupo4qv0KH6RtIYPOc6pobgFgVNdCBf-EgBW-8g7fqhPZulnq91W5mCy5XPe5kmADxJuGuW-BRWMdpMFO0In-ftgBS6VxD4Kde-S-fUcD66v9bNLuRuLrRRp69si2hQcEB-dF7Z_e_qDLVBzTPJ-0IE6rdW5wd98KIjkieX-QMVTHS5J-TdVezqJrU9ry68TFLxUCk-r5oizCUposVS7QxdVdnRLo7jzqhSEs9eB1vyRpQ5zLIy6xzEGNul2_yLnm7yrc_DzohXOqPSsR7kuyGP5komWfT7WTTPU9dB-cw6oXlHVspp7nMoAB_p4VckuarJetCOjFxdXxLmSNw&sai=AMfl-YSEnrIjSIPjUnn0hIv5svq4DD08PC6m7aJUJJIAfCLQrWLv6h-FeScuOCIbbga8aF6PPUPit-1rKnEY8ox3EMtNAfhA5vFvjEGaJpPZd9X2p-GY-GQnIJ7NfwIobwA&sig=Cg0ArKJSzPOf8VM6NflfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: waaw.to
URL: https://waaw.to/f/lQbgDcfHP0gT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame EE2C
91 KB
32 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da668ad11dd15f5219fb90f60691312ca692c398ca9d69dc3d8a0b77f83e7c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32661
x-xss-protection
0
server
cafe
etag
2691228514938068554
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 May 2023 06:34:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EE2C
169 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 06:34:17 GMT
/
vast.aniview.com/api/adserver61/vast/ Frame 6A1A
2 KB
2 KB
XHR
General
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5ef4bc022e79664d2b473869&AV_CHANNELID=5fd512d6c22e4d461a608c85&logo=false&vastretry=3&AV_URL=https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&cb=1684132457396&AV_GDPR=1&AV_CONSENT=undefined&AV_CUSTOM1=594147&AV_CUSTOM2=1819404&AV_CUSTOM3=0&AV_CUSTOM4=0&AV_CUSTOM5=0&AV_CUSTOM6=0&AV_CUSTOM7=271231&AV_CUSTOM8=0&AV_CUSTOM9=instream_sans_algo&AV_CUSTOM10=1.0%2C1%21smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.573.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
1c6a02c929c61e2cbc3b7ed13d56ba53cd3508d986c42853f432e2b9b67492e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:18 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1684132457.dop015.am5.t,1684132457.cds012.am5.shn,1684132457.dop015.am5.t,1684132457.cds299.am5.sc,1684132458.cds299.am5.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
style.css
serv-selectmedia.com/cdn/player/
1 KB
1 KB
Stylesheet
General
Full URL
https://serv-selectmedia.com/cdn/player/style.css
Requested by
Host: player.adipolosolutions.com
URL: https://player.adipolosolutions.com/cdn/tags/tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 11:46:47 GMT
content-encoding
gzip
age
67650
x-guploader-uploadid
ADPycdtTI1_l4D7TN6bKV2eJ7Ko3PU2JEVRg2UGbeU-i9XlIVhxXS-yIFnkubVsh7mWL-tj9TtxYJE89nFQAG4ki9cYeFuJPWhHm
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
571
last-modified
Mon, 15 Aug 2022 09:39:19 GMT
server
UploadServer
etag
"3a8d6c993f0a7e34ae07f8e86c31e632"
vary
Accept-Encoding
x-goog-generation
1660556359399621
x-goog-hash
crc32c=GiK3YQ==, md5=Oo1smT8KfjSuB/jobDHmMg==
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
571
accept-ranges
bytes
content-type
text/css
selectmedia-player.umd.js
serv-selectmedia.com/cdn/player/
140 KB
42 KB
Script
General
Full URL
https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Requested by
Host: player.adipolosolutions.com
URL: https://player.adipolosolutions.com/cdn/tags/tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3af9d7b861c124a7438694ae9a96c58d9ae88785afbd66b44ffc2789bf6a849c

Request headers

Referer
https://eqywj.katerionews.com/
Origin
https://eqywj.katerionews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 11:46:36 GMT
content-encoding
gzip
age
67661
x-guploader-uploadid
ADPycduZ_P6JXlmahXJcR2bt1Vk8E3H4Mlh1UZAuORI9_WgiqB7_3ORzA8jqV88lqNDLgm9yL67ZNn7cErNu_r7kdhaucsVwJ3ZZ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42776
last-modified
Sun, 14 May 2023 11:43:52 GMT
server
UploadServer
etag
"13bb1ea372d6c130fea0dffa74cd9ec1"
vary
Accept-Encoding
x-goog-generation
1684064632208168
x-goog-hash
crc32c=YMIb2Q==, md5=E7seo3LWwTD+oN/6dM2ewQ==
access-control-allow-origin
*
access-control-expose-headers
Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
42776
accept-ranges
bytes
content-type
application/javascript
resolve
dns.google/ Frame BA84
333 B
527 B
Fetch
General
Full URL
https://dns.google/resolve?name=146.155.213.185.in-addr.arpa&type=PTR&cd=true
Requested by
Host: waaw.to
URL: https://waaw.to/e/NjlqR1A5RWZXcmpJc2tqaEp3S094dz09?http_referer=https%3A%2F%2Fwaaw.to%2Ff%2FlQbgDcfHP0gT&embed_from=embed_from
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4860::8888 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
dbc793cdac7a8b2818b7e7be3ffb60f3824caecde7e8ea271c800e2d14f60021
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 06:34:17 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232
x-xss-protection
0
expires
Mon, 15 May 2023 06:34:17 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/ Frame EE2C
357 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3592985597631507&plah=eqywj.katerionews.com&bust=31074512
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e9ccbc67754abad217ae76d948206f225b8ce9baf6687ce64f1844e9fd10ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122864
x-xss-protection
0
server
cafe
etag
12005156169992654762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 May 2023 06:34:17 GMT
truncated
/ Frame EE2C
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa14289548c31945ef9ba83d88314ebe10e3de6e1e619fc20033c99efd60be58

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
2539698496735950919
tpc.googlesyndication.com/simgad/
23 KB
24 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2539698496735950919
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 16:21:03 GMT
x-content-type-options
nosniff
age
137594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23825
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 11:07:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 May 2024 16:21:03 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
360 KB
120 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122883
x-xss-protection
0
expires
Mon, 15 May 2023 06:34:17 GMT
/
track-selectmedia.com/trackv4/
0
45 B
Image
General
Full URL
https://track-selectmedia.com/trackv4/?&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=e1da33b2-5df6-46fc-a1b0-e9494976c808&d2=1684132457&d5=katerionews.com&d28=1332&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=-1&cb=1684132457849-8135202b-1fb9-4fb2-a7f7-cf27a26d6a53&e=47
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cookie.js
partner.googleadservices.com/gampad/ Frame EE2C
219 B
554 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=eqywj.katerionews.com&callback=_gfp_s_&client=ca-pub-3592985597631507&cookie=ID%3Dec0379141404ca4e%3AT%3D1684132457%3AS%3DALNI_MYTc3wVMq43MUQY60hBRzCWMXRVBw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3592985597631507&plah=eqywj.katerionews.com&bust=31074512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e89034b59683eade7e285ec3d5369f1c9c94931485443d02e8dc5909157b004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame EE2C
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=eqywj.katerionews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3592985597631507&plah=eqywj.katerionews.com&bust=31074512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EE2C
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=eqywj.katerionews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3592985597631507&plah=eqywj.katerionews.com&bust=31074512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3CCD
603 B
401 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3592985597631507&output=html&h=50&slotname=300x250&adk=2732107086&adf=816031635&pi=t.ma~as.300x250&w=320&lmt=1684132457&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684132457768&bpp=13&bdt=257&idt=207&shv=r20230510&mjsv=m202305100101&ptt=5&saldr=sa&cookie=ID%3Dec0379141404ca4e%3AT%3D1684132457%3AS%3DALNI_MYTc3wVMq43MUQY60hBRzCWMXRVBw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&correlator=5392965397098&frm=23&ife=4&pv=2&ga_vid=1290373860.1684132458&ga_sid=1684132458&ga_hid=809158557&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=393&biw=1600&bih=1200&isw=320&ish=50&ifk=3621597835&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C31074512%2C44788441%2C44789923&oid=2&pvsid=3300188462687036&uas=0&nvt=1&ref=https%3A%2F%2Fwaaw.to%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.51uj3vpmhwpm&fsb=1&dtd=222
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3592985597631507&plah=eqywj.katerionews.com&bust=31074512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 06:34:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
multitracking
ghb.aplhb.adipolo.com/adunit/
0
232 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467814/hbw_master_741094_17335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://eqywj.katerionews.com
Date
Mon, 15 May 2023 06:34:17 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
csi
csi.gstatic.com/ Frame 6A1A
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhogzcts&c=5392965397098&slotId=2696482698549&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.573.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:18 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader21.html
tpc.googlesyndication.com/pagead/js/ Frame 7866
52 KB
18 KB
Document
General
Full URL
https://tpc.googlesyndication.com/pagead/js/loader21.html?https://player.aniview.com/script/6.1/AVmanager.js%3fAV_PUBLISHERID=5ef4bc022e79664d2b473869
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.573.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
18189
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 14:22:07 GMT
etag
7287664291636797308
expires
Mon, 15 May 2023 14:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AVmanager.js
player.aniview.com/script/6.1/ Frame 7866
463 KB
125 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://player.aniview.com/script/6.1/AVmanager.js%3fAV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4845a5b19380a0700abe45089b8ff749e993af40683d817c4717bcc193d421e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:18 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtd0Q_lJrtDqXKBwnNPsLWxpDMVIr8YP4_YtZ02idAlmT8uw4p4wRsOF7zuIKeg6_kdJ7v28uAwYs3IwLRcqqjHTU-6mCCu
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
126736
last-modified
Sun, 14 May 2023 05:54:50 GMT
server
UploadServer
etag
"81e72f709d69f31b3a7c63676b897415"
vary
Accept-Encoding
x-goog-generation
1684043689997029
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=BDnEnA==, md5=gecvcJ1p8xs6fGNna4l0FQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
126736
accept-ranges
bytes
expires
Mon, 15 May 2023 06:44:18 GMT
/
gov.aniview.com/api/adserver/tag/ Frame 7866
11 KB
3 KB
XHR
General
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a62&AV_GDPR=1&AV_CONSENT=undefined&AV_CUSTOM1=594147&AV_CUSTOM2=1819404&AV_CUSTOM3=0&AV_CUSTOM4=0&AV_CUSTOM5=0&AV_CUSTOM6=0&AV_CUSTOM7=271231&AV_CUSTOM8=0&AV_CUSTOM9=instream_sans_algo&AV_CUSTOM10=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5ef4bc022e79664d2b473869&AV_CHANNELID=5fd512d6c22e4d461a608c85&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&pce=1&npx=1&AV_DETDOMAIN=eqywj.katerionews.com&d36=6.2.98&responsive=1&sver=4&avtoken=458221&omv=1.0.1&clsid=5700370f-9883-414d-92b1-022d23244324&rando=65&AV_WIDTH=480&AV_HEIGHT=270&AV_DNT=0&cb=1684132458224&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.104.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-104-237.compute-1.amazonaws.com
Software
/
Resource Hash
eb101c955280ac21b258db80a9b214cf1e717231cf72937a6b769999fead41a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:18 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://tpc.googlesyndication.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 03 May 2023 16:47:38 GMT
track
track1.aniview.com/ Frame 7866
0
98 B
Image
General
Full URL
https://track1.aniview.com/track?r=eqywj.katerionews.com&sn=&ic=0&tgt=1&app=&wi=480&he=270&test=&d36=6.2.98&apppkg=&proto=https&clsid=5700370f-9883-414d-92b1-022d23244324&rando=65&pid=5ef4bc022e79664d2b473869&cid=5fd512d6c22e4d461a608c85&stagid=&stplid=&e=inventory&vi=0&cb=1684132458223
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.77.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-77-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_30_v2/
434 KB
138 KB
Fetch
General
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_30_v2/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7b6f1dccfc0e8dda865993cb2078daea1d74b19c7d74b06155fc43a6481b1dc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 11:47:08 GMT
content-encoding
gzip
age
67630
x-guploader-uploadid
ADPycdsMujCKy5t0PzVDEQu9WIG3oNNw0dlcC9vHyb2mavw3oPDi5fl3SfYoviBSpmmSX0REmMdaQS2N1sRqp1pYyI6ofa5fZ-kt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141028
last-modified
Mon, 17 Apr 2023 13:18:18 GMT
server
UploadServer
etag
"5750ca4d2dd5455120ea44ea3f8ec887"
vary
Accept-Encoding
x-goog-generation
1681737498441683
x-goog-hash
crc32c=Fc2c2w==, md5=V1DKTS3VRVEg6kTqP47Ihw==
access-control-allow-origin
*
access-control-expose-headers
Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
141028
accept-ranges
bytes
content-type
application/javascript
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame F899
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
apstag.js
c.amazon-adsystem.com/aax2/ Frame 75BF
230 KB
57 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 05:36:46 GMT
content-encoding
gzip
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront), 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:07 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1, FRA56-P3
age
3453
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
Mz1qPrmsIvpEI-V7yX03sfq1lqG_0k30U3sr8dyxMAC5gIZ-9nrdnQ==
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 414E
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
selectAmazon.js
serv-selectmedia.com/cdn/player/amz/ Frame 94EB
177 KB
44 KB
Script
General
Full URL
https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 11:46:39 GMT
content-encoding
gzip
age
67659
x-guploader-uploadid
ADPycduaft1-Q5j6mnyTT3N4kdt47PF9n4M_IbeLpdpFrFxPJPl_pNPzJQvrArKUgaGl4Az5jUYweoiOzCFXEas_z-lqUQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44378
last-modified
Wed, 02 Nov 2022 06:57:53 GMT
server
UploadServer
etag
"5903e8ba730613f669c63fe70c11da79"
vary
Accept-Encoding
x-goog-generation
1667372273714744
x-goog-hash
crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
44378
accept-ranges
bytes
content-type
application/javascript
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame DBC9
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
selectAmazon.js
serv-selectmedia.com/cdn/player/amz/ Frame 0489
177 KB
43 KB
Script
General
Full URL
https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 11:46:39 GMT
content-encoding
gzip
age
67659
x-guploader-uploadid
ADPycduaft1-Q5j6mnyTT3N4kdt47PF9n4M_IbeLpdpFrFxPJPl_pNPzJQvrArKUgaGl4Az5jUYweoiOzCFXEas_z-lqUQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44378
last-modified
Wed, 02 Nov 2022 06:57:53 GMT
server
UploadServer
etag
"5903e8ba730613f669c63fe70c11da79"
vary
Accept-Encoding
x-goog-generation
1667372273714744
x-goog-hash
crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
44378
accept-ranges
bytes
content-type
application/javascript
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 43B6
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
selectAmazon.js
serv-selectmedia.com/cdn/player/amz/ Frame AFEA
177 KB
43 KB
Script
General
Full URL
https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 11:46:39 GMT
content-encoding
gzip
age
67659
x-guploader-uploadid
ADPycduaft1-Q5j6mnyTT3N4kdt47PF9n4M_IbeLpdpFrFxPJPl_pNPzJQvrArKUgaGl4Az5jUYweoiOzCFXEas_z-lqUQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44378
last-modified
Wed, 02 Nov 2022 06:57:53 GMT
server
UploadServer
etag
"5903e8ba730613f669c63fe70c11da79"
vary
Accept-Encoding
x-goog-generation
1667372273714744
x-goog-hash
crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
44378
accept-ranges
bytes
content-type
application/javascript
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame C67A
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame E629
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame C560
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 6A02
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 2E32
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame EE0F
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 6D4C
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame EF40
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 659D
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 7BFD
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 53E2
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame BFD8
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 57BC
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 7D17
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame BD10
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 2290
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313962
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
serv-selectmedia.com/serving_v3/
63 KB
6 KB
Fetch
General
Full URL
https://serv-selectmedia.com/serving_v3/?channelid=e1da33b2-5df6-46fc-a1b0-e9494976c808&height=338&publisherid=413cb585-3a5f-47af-b38f-bfa872f9a666&tagid=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&templateid=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&width=600&domain=eqywj.katerionews.com&hostname=katerionews.com&url=katerionews.com&cb=1684132458529-4bf7bb32-9a3a-43ec-9de4-98d67904e02e&is_desktop=1
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
/
Resource Hash
937c3f261c7776b7264c9a0fcd2b2ffa585905cf783c130b6aa909cb33ce4bd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:18 GMT
content-encoding
gzip
via
1.1 google
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
x-accel-expires
0
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
expires
Thu, 01 Jan 1970 00:00:00 UTC
websocket_ip.min.js
waaw.to/js/ Frame BA84
5 KB
2 KB
Script
General
Full URL
https://waaw.to/js/websocket_ip.min.js
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:18 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Fri, 20 Jan 2023 13:44:36 GMT
server
Google Frontend
etag
W/"63ca9ac4-121c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
cookiesyncendpoint
sync.aniview.com/ Frame 521C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D10%2...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=10&pid=59c9148628a0612da3689288&key=BIlsswQhRzXn&ev=1&us_privacy=1---&pid=562704
0
37 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=10&pid=59c9148628a0612da3689288&key=BIlsswQhRzXn&ev=1&us_privacy=1---&pid=562704
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.122.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-122-152.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 15 May 2023 06:34:19 GMT

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-b9f9f4b7f-rh69j
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=10&pid=59c9148628a0612da3689288&key=BIlsswQhRzXn&ev=1&us_privacy=1---&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
cookiesyncendpoint
sync.aniview.com/ Frame 01D1
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=undefined
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=22d5bab3aa3a62d283f1e7656691fbf7&_fw_gdpr=1&_fw_gdpr_consent=undefined
0
37 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=22d5bab3aa3a62d283f1e7656691fbf7&_fw_gdpr=1&_fw_gdpr_consent=undefined
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.122.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-122-152.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 15 May 2023 06:34:19 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 06:34:19 GMT
Expires
Mon, 15 May 2023 06:34:19 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=22d5bab3aa3a62d283f1e7656691fbf7&_fw_gdpr=1&_fw_gdpr_consent=undefined
Pragma
no-cache
Server
nginx
x-sticky-vk
1684132459148070-416
auto-user-sync
ads.stickyadstv.com/ Frame ED8B
43 B
577 B
Document
General
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=undefined
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 06:34:19 GMT
Expires
Mon, 15 May 2023 06:34:19 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1684132459200024-331
cm
u.openx.net/w/1.0/ Frame 8DFE
43 B
304 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=undefined&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D23%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Mon, 15 May 2023 06:34:19 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cookiesyncendpoint
sync.aniview.com/ Frame 14D7
Redirect Chain
  • https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=undefined&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=56&pid=59c9148628a0612da3689288&key=d3a4721e-7984-4c0e-96f3-c849e4754319&gdpr_consent=undefi...
0
37 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=56&pid=59c9148628a0612da3689288&key=d3a4721e-7984-4c0e-96f3-c849e4754319&gdpr_consent=undefined&gdpr=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.122.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-122-152.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 15 May 2023 06:34:19 GMT

Redirect headers

content-length
0
date
Mon, 15 May 2023 06:34:19 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=56&pid=59c9148628a0612da3689288&key=d3a4721e-7984-4c0e-96f3-c849e4754319&gdpr_consent=undefined&gdpr=1
server
_
occ
ups.analytics.yahoo.com/ups/58543/ Frame 6E7D
0
0
Document
General
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=undefined
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Mon, 15 May 2023 06:34:19 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.57
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame C311
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=undefined&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=200&key=OPTOUT
0
201 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.122.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-122-152.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 15 May 2023 06:34:19 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 15 May 2023 06:34:19 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1684132458537-966106332148-001204-005-006940&biddername=200&key=OPTOUT
pragma
no-cache
pixel
ap.lijit.com/ Frame DE7A
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=undefined&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 15 May 2023 06:34:19 GMT
X-Sovrn-Pod
ad_ap7ams1
/
onetag-sys.com/usync/ Frame 48E9
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 94FF
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=undefined&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=149430
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 15 May 2023 06:34:19 GMT
expires
Wed, 17 May 2023 00:04:49 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame 5C63
49 KB
18 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=undefined&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Mon, 15 May 2023 06:34:19 GMT
etag
W/"64243ed7-c28e"
last-modified
Wed, 29 Mar 2023 13:36:23 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
MISS
x-77-nzt
AcO1qhHvoJKh
x-77-nzt-ray
4c156224c13459ae6bd26164e3628c07
x-77-pop
frankfurtDE
x-cache
MISS
ptv
secure.adnxs.com/ Frame 7866
27 B
846 B
Fetch
General
Full URL
https://secure.adnxs.com/ptv?id=20889945&cb=4132459096&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&vplaybackmethod=0&referrer=eqywj.katerionews.com&kw_channel=instream_sans_algo
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:19 GMT
AN-X-Request-Uuid
f39b940d-668b-43e7-a3f2-a12f54cb2d43
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/xml; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tpc.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 7866
Redirect Chain
  • https://video-ads.rubiconproject.com/video/19814/243946/1858894/201/vast.xml?tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=undefined
  • https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=19814&site_id=243946&zone_id=1858894&size_id=201&tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=&p_aso.video.api=...
28 B
663 B
Fetch
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=19814&site_id=243946&zone_id=1858894&size_id=201&tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=65693738.714649
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Server
18.194.110.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-110-75.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
null
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
248467

Redirect headers

Date
Mon, 15 May 2023 06:34:19 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/html; charset=UTF-8
Location
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=19814&site_id=243946&zone_id=1858894&size_id=201&tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=65693738.714649
Access-Control-Allow-Origin
https://tpc.googlesyndication.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
0
ptv
secure.adnxs.com/ Frame 7866
85 B
1 KB
Fetch
General
Full URL
https://secure.adnxs.com/ptv?id=20752114&cb=4132459096&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&vplaybackmethod=0&referrer=eqywj.katerionews.com&kw_channel=instream_sans_algo
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:19 GMT
AN-X-Request-Uuid
bd9ed424-a231-40ef-bbdb-87d9bace9066
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/xml; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tpc.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 7866
1 KB
889 B
Fetch
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=158810&siteId=0&adId=2934480&vadFmt=3&vapi=2&vminl=1&vmaxl=120&vh=365&vw=650&placement=1&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=undefined&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&us_privacy=&kadpageurl=eqywj.katerionews.com&cbb=4132459097
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9cfa1fa1186f1bea7c08fc2de38d413cbd11e706504fc7739efc023e0df34050

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:19 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://tpc.googlesyndication.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
638
expires
Mon, 15 May 2023 06:34:19 GMT
0
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 7866
67 B
622 B
Fetch
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/0?loc=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a62&_fw_gdpr=1&_fw_gdpr_consent=undefined&cbb=4132459097
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:19 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://tpc.googlesyndication.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1684132459142086-333
Expires
Mon, 15 May 2023 06:34:19 GMT
sync
x.bidswitch.net/ Frame 7866
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1684132458537-966106332148-001204-005-006940&gdpr=1&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.144.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-144-147.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ Frame 7866
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.144.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-144-147.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
track
track1.aniview.com/ Frame 7866
0
97 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=eqywj.katerionews.com&rs=eqywj.katerionews.com&sid=3380&t=1684132458&cip=185.213.155.146&sn=&tgt=1&osv=10&bv=113.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5ef4bc022e79664d2b473869&test=&d64=457386a273d3c540db849c51b6a3ba15&d63=457386a273d3c540db849c51b6a3ba15&aafaid=&proto=https&uid=1684132458537-966106332148-001204-005-006940&cha=0.05&stagid=&stplid=&d35=&d36=6.2.98&cb=70628946280&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&nid=5ef4bc022e79664d2b473869&ncid=5fd512d6c22e4d461a608c85&e=request&cb=1684132459097&asid=600063541f5b0f2fbc637ad9%2C5fd520b9eaa1363e56524fad%2C5fd51ab848217056e368a756%2C5fd5261d9eaac6371a732cb6%2C5fd52859b50cd54a4264f38d&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.77.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-77-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 75BF
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 04:51:30 GMT
x-amz-cf-pop
FRA56-P3
age
19980
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
H4LyApY5HZ4XRJqxESwHnVi6kMRkga06zr50vl1h9UQQcAcQ1dmWiA==
publishertag.prebid.134.js
static.criteo.net/js/ld/
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 May 2023 06:34:19 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 94EB
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 04:51:30 GMT
x-amz-cf-pop
FRA56-P3
age
19980
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
vQr0uj5yHeuMq9V0Ztn1GeoKEHb6YP5nuXzkJgg2PDq_oaAeoSSv1Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0489
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 04:51:30 GMT
x-amz-cf-pop
FRA56-P3
age
19980
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
GdcFbSt8xO7BffIyQtWODw0wgqnul3FJqRQiQrxAK5_F79f4vHOa4w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AFEA
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 04:51:30 GMT
x-amz-cf-pop
FRA56-P3
age
19980
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
cz05drLIEcRs1_h2Bbh5n5RWRpU6PbOEbrPVuXnL78Kr9P8BYgCseA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A02
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?attrep=f&attua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.92%20Safari%2F537.36&atthead=t&attinj=t&attexp=none&lid=169&sdkv=h.3.572.0&id=ima_html5&c=3738951884441982&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pes.playerInterface.57ed8da7.js
static1.dmcdn.net/playerv5/
5 KB
2 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/pes.playerInterface.57ed8da7.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xa2et.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
36f94bb3b6ec671c552607da23527c6a08e2453f00e7b6c2941fd6b278ddd00b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
content-encoding
gzip
age
411755
server-timing
total;dur=0, dc;desc="dc3"
content-length
1726
last-modified
Wed, 10 May 2023 12:08:52 GMT
server
DMS/1.0.42
etag
"645b8954-1315"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
6beed7487073aca62450169120703d58
expires
Fri, 09 Jun 2023 12:11:45 GMT
cookie.js
geo.dailymotion.com/
38 B
976 B
Script
General
Full URL
https://geo.dailymotion.com/cookie.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xa2et.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Date
Mon, 15 May 2023 06:34:20 GMT
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Server
DMS/1.0.42
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary
X-DM-SSL
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Server-Timing
total;dur=8, dc;desc="dc3"
Timing-Allow-Origin
*
Content-Length
38
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Feqywj.katerionews.com%2F&domain=eqywj.katerionews.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://eqywj.katerionews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://eqywj.katerionews.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 15 May 2023 06:34:19 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
265528
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
380 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Feqywj.katerionews.com%2F&domain=eqywj.katerionews.com&cw=1&lsw=1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://eqywj.katerionews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
324890
expires
0
prebid
id5-sync.com/api/config/
135 B
550 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://eqywj.katerionews.com
date
Mon, 15 May 2023 06:34:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
onetag-sys.com/usync/ Frame F412
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1684132456933
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame 5F25
9 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2752
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 15 May 2023 05:48:29 GMT
etag
W/"fd0102e5847015626666169917857ba8"
last-modified
Wed, 12 Apr 2023 16:16:50 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-id
J2eMDdTW_zAmMdLQV7my0joJjX5hxADhYsfq4FVt6i1roiLnnrwubA==
x-amz-cf-pop
FRA56-P5
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5
9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256
8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
PugMaster
image6.pubmatic.com/AdServer/ Frame 94FF
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68507622&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=undefined&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=undefined&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:19 GMT
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame EE2C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcpCpthbjBkNc6XaVvvei2F6CbVGhQR4ABp-bkFzwiIMG1A2dakkWHI1wYrWQFFx1IPI6iDGIHZ4Bwqeoabq4sXqSFK_VMbBT1ZmxHdUwkxk-NN_aDP-5pgp-63SH6iSv2Ne71iP6zyLNSMmNr3Y_RhEVfCmNY2b4wP0Ia6SDFPLgTgO7x939tR-710YUhV3ApBLYTo0kNjPZG6B4WwwRA7yFBGldDl2Zgv0O9fLD5MwAiC4FsnmcQ4bXfOGL92Aydn6ZCx1qh5Z7GISNurR9_oSB62boBI88bjUPEPVCimZtZYpOJhWJ-iewct8mnnkNcoz3gmOoxgcHefWLacdsTtblsop7cmYzhyxvrFzSt&sai=AMfl-YTayf9ZkvBt4KpcndbOz8uKenyfF5T70PTfqkqRikGaFYwmyrxElwMvVyt3dN6YJ0wpZJ5Y93e1ZQ_WJ237B28ajpYzKigSv7Q1OBN94F3iNfKZU7BdTSgNqptVMhg&sig=Cg0ArKJSzJ6xjvxIsEMxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 15 May 2023 06:34:20 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EE2C
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3592985597631507&plah=eqywj.katerionews.com&bust=31074512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9551ff3b8ac9719180578dc3714daa0287524ff826b1d00fcc461cc6233fe58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11265
x-xss-protection
0
/
track-selectmedia.com/trackv4/
0
17 B
Image
General
Full URL
https://track-selectmedia.com/trackv4/?d10=IT&d12=Chrome&d14=338X600&d19=10&d2=1684132200&d20=113.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=eqywj.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1332&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=1&cb=1684132460507-4d2648de-f870-4f2c-9076-4c4de20ca14b&e=1
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
track-selectmedia.com/trackv4/
0
17 B
Image
General
Full URL
https://track-selectmedia.com/trackv4/?d10=IT&d12=Chrome&d14=338X600&d19=10&d2=1684132200&d20=113.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=eqywj.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1332&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&cb=1684132460507-39953b8b-3343-4bd2-8311-4f72f7496109&e=36
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=eqywj.katerionews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=eqywj.katerionews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
jquery.min.js
unpkg.com/jquery@2.2.4/dist/ Frame BA84
84 KB
30 KB
Script
General
Full URL
https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8909521
last-modified
Fri, 20 May 2016 17:24:42 GMT
fly-request-id
01GR5H2Y819A0SKJQ1MNKQXVV8-fra
server
cloudflare
etag
W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c795ac7080e3a74-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A02
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.572.0&id=ima_html5&c=3738951884441982&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A02
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3738951884441982&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A02
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3738951884441982&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A02
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.8387998809004542&time=1684132460730&lid=43&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3738951884441982&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EE2C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3592985597631507&plah=eqywj.katerionews.com&bust=31074512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 May 2023 06:34:20 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 May 2023 06:34:20 GMT
13926
g2.gumgum.com/usync/ Frame A564
4 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.11.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-11-185.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e04d0598c51e29073fcb36a81ab4db31d5e90875dacd0ead7be1e56aacd02632

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 15 May 2023 06:34:20 GMT
etag
W/"0472aa9216000e21f5d4657104b2c1198"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame CE8F
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 42B0
807 B
1 KB
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
fa5370a6a3c4759254cc12e8b1a4e37d2cbee3aa96d160ccd5129af43b0632e2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
807
content-type
text/html
date
Mon, 15 May 2023 06:34:20 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6943
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
82eaf517e5fb5d1444558c84efe22d9fd3c6c20a2bc124484df797a3779db6d1

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1921
Content-Type
text/html
Date
Mon, 15 May 2023 06:34:20 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 15 May 2023 06:34:20 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 7A6D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 May 2023 06:34:20 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 15 May 2023 06:34:20 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A010
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=149429
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 15 May 2023 06:34:20 GMT
expires
Wed, 17 May 2023 00:04:49 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame B766
0
485 B
Document
General
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 15 May 2023 06:34:20 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-id
2qPMegoPljzSKyVZekKpNBj45DRQo9HXhT1HqAa6Lo4h8H0EWyIUfA==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 673F
0
160 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 15 May 2023 06:34:20 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame BF70
0
329 B
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.185.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-185-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 15 May 2023 06:34:21 GMT
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 5F25
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7062505060153592632
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7062505060153592632
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 15 May 2023 06:34:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
87310508-c0de-4c10-a4a9-b6dbea65f803
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=7062505060153592632
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 5F25
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=GpfKARZHWOPaTxP6RkGCnPoY
0
351 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GpfKARZHWOPaTxP6RkGCnPoY
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
server
envoy
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ads.servenobid.com/sync?pid=310&uid=GpfKARZHWOPaTxP6RkGCnPoY
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
x-envoy-upstream-service-time
19
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 5F25
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 15 May 2023 06:34:20 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
rtb-csync.smartadserver.com/redir/ Frame 5F25
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1684132460880
  • https://ad.turn.com/r/cs?pid=45&rndcb=396011368
  • https://sync.1rx.io/usersync/turn/8201070212447686353?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-faa4deea-7...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003
date
Mon, 15 May 2023 06:34:21 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXfaa4deea7eb5424db4cebd89ac87ac9a003
content-type
text/html
sync
ads.servenobid.com/ Frame 5F25
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5124322326444370326
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5124322326444370326
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5124322326444370326
Date
Mon, 15 May 2023 06:34:20 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 5F25
0
498 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-75
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 5F25
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=ba596a21-f2cf-4506-b936-f44005f70ce3&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=327&uid=ba596a21-f2cf-4506-b936-f44005f70ce3&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=ba596a21-f2cf-4506-b936-f44005f70ce3&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 15 May 2023 06:34:20 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 5F25
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-CPALOV9E2uHOmrppWzfXortDSn3pxreeBpDNYhs-~A
0
366 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-CPALOV9E2uHOmrppWzfXortDSn3pxreeBpDNYhs-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-CPALOV9E2uHOmrppWzfXortDSn3pxreeBpDNYhs-~A
date
Mon, 15 May 2023 06:34:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 5F25
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-51b3b8b4-c9e4-3476-94aa-9949837be7a5
0
359 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-51b3b8b4-c9e4-3476-94aa-9949837be7a5
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-51b3b8b4-c9e4-3476-94aa-9949837be7a5
pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 5F25
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-CPALOV9E2uHOmrppWzfXortDSn3pxreeBpDNYhs-~A
0
366 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-CPALOV9E2uHOmrppWzfXortDSn3pxreeBpDNYhs-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-CPALOV9E2uHOmrppWzfXortDSn3pxreeBpDNYhs-~A
date
Mon, 15 May 2023 06:34:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 5F25
0
360 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.66.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-66-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
sync
ads.servenobid.com/ Frame 5F25
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 15 May 2023 06:34:20 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 15 May 2023 06:34:20 GMT
trackv4
track-selectmedia.com/ Frame
0
0
Preflight
General
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1332&uuid=aa3aaa9b-f02f-4c4f-a62f-4505420ec9f2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://eqywj.katerionews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://eqywj.katerionews.com
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
date
Mon, 15 May 2023 06:34:21 GMT
referrer-policy
no-referrer-when-downgrade
via
1.1 google
trackv4
track-selectmedia.com/
0
17 B
XHR
General
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1332&uuid=aa3aaa9b-f02f-4c4f-a62f-4505420ec9f2
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://eqywj.katerionews.com
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
lb.eu-1-id5-sync.com/lb/
33 B
408 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
fe5a8544ab484c9078c57809519fa909a4c7803e4382d85e774ba64cdfb4eb0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://eqywj.katerionews.com
date
Mon, 15 May 2023 06:34:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ads
pubads.g.doubleclick.net/gampad/ Frame F899
94 KB
18 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_200&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2597997270121949&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2056672941&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.to%2F&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&dlt=1684132456199&idt=3646&dt=1684132460958&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&scor=3107027506831558&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb38f5bea71951c90c392e31dae6d409932b0bb3a59426e3414261bc1673319d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18211
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 414E
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_650&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3914565843774818&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4141724494&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.to%2F&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&dlt=1684132456199&idt=3733&dt=1684132460962&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&scor=1606768700971782&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DBC9
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22703897216%2C22893780809%2FSMG_Adipolo%2Fpreroll%2Fsyndication_4&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3877083672459059&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2611017745&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.to%2F&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&dlt=1684132456199&idt=3833&dt=1684132460967&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&scor=3107869816189165&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6943
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGHSbN7sFlbIJxRK63vT8QAAFD8AAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGHSbN7sFlbIJxRK63vT8QAAFD8AAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGHSbN7sFlbIJxRK63vT8QAAFD8AAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X28S7XQBCZSBQ6CN5W9Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0AMGXTSGHR3083MS5B1E
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGHSbN7sFlbIJxRK63vT8QAAFD8AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6943
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 6943
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGHSbN7sFlbIJxRK63vT8QAAFD8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPX7sRWEFWPIxGygEVr3LLI&google_cver=1
43 B
766 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPX7sRWEFWPIxGygEVr3LLI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPX7sRWEFWPIxGygEVr3LLI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6943
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGHSbN7sFlbIJxRK63vT8QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI8cd6sAp7oHLIEpX6JSn7s&google_cver=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI8cd6sAp7oHLIEpX6JSn7s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI8cd6sAp7oHLIEpX6JSn7s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6943
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a7a49c74-3d0a-4d5a-8aaa-26bb9d9ced15
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a7a49c74-3d0a-4d5a-8aaa-26bb9d9ced15
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a7a49c74-3d0a-4d5a-8aaa-26bb9d9ced15
date
Mon, 15 May 2023 06:34:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
sync
ssbsync.smartadserver.com/api/ Frame 6943
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:20 GMT
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 6943
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d3a4721e-7984-4c0e-96f3-c849e4754319&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d3a4721e-7984-4c0e-96f3-c849e4754319&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d3a4721e-7984-4c0e-96f3-c849e4754319&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Mon, 15 May 2023 06:34:21 GMT
server
_
content-length
0
crum
dsum.casalemedia.com/ Frame 6943
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=38a5f184-94f7-c6b8-2393bdea
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=38a5f184-94f7-c6b8-2393bdea
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 15 May 2023 06:34:21 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=38a5f184-94f7-c6b8-2393bdea
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
sync
ads.servenobid.com/ Frame 6943
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZGHSbN7sFlbIJxRK63vT8QAAFD8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame 43B6
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F136431902%2C22893780809%2Fapl%2Faniplay%2Faniplay_300&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=43238016779383&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4190038522&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.to%2F&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&dlt=1684132456199&idt=3850&dt=1684132460979&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&scor=3655996858110517&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C67A
83 KB
18 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21725819945%2C22651347523%2Fjkapvid%2Funiversaljkvid&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&cust_params=aplkv%3D075&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1368886926529554&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2833661598&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.to%2F&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&dlt=1684132456199&idt=3869&dt=1684132460984&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&scor=3191150513795383&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19d5db70a2d32ec4442f2493b20e5ccd416a1b72b29e1b041149ee1115c88a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18138
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E629
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F127641337%2C22652786701%2C22893780809%2FAdipoloshFloor2&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1312977695921973&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3945014588&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.to%2F&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&dlt=1684132456199&idt=3886&dt=1684132460989&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&scor=3101389657917920&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C560
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_650&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2895047570509609&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2401421350&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.to%2F&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&dlt=1684132456199&idt=3912&dt=1684132460995&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&scor=3110786899398922&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A02
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1684132460998&timeout=f&logid=0.8387998809004542&timediff=268&lid=43&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3738951884441982&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A02
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3738951884441982&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A02
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3738951884441982&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6A02
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_300&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1372675991872824&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4068321354&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.to%2F&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&dlt=1684132456199&idt=3930&dt=1684132461001&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&scor=408648785783386&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2E32
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22703897216%2C22893780809%2FSMG_Adipolo%2Fpreroll%2Fsyndication_1&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1613439018325898&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=87870059&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.to%2F&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&dlt=1684132456199&idt=3947&dt=1684132461007&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&scor=2645192869205263&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EE0F
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F136431902%2C22893780809%2Fapl%2Faniplay%2Faniplay_400&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3834931045348242&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=961248209&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.to%2F&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&dlt=1684132456199&idt=3963&dt=1684132461018&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&scor=4092082208400201&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6D4C
156 B
259 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21725819945%2C22651347523%2Fjkapvid%2Funiversaljkvid&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&cust_params=aplkv%3D100&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4437083487184679&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1684132461029&scor=1348318226226595&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EF40
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F127641337%2C22652786701%2C22893780809%2FAdipoloshFloor1.5&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4395005947699262&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1684132461038&scor=1515319475206273&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 659D
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_170&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3398940219177449&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1684132461045&scor=511860268617759&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7BFD
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_200&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=546431863868280&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1684132461050&scor=1007452267754020&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 53E2
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22703897216%2C22893780809%2FSMG_Adipolo%2Fpreroll%2Fsyndication_6&description_url=eqywj.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2895290740251225&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=74856BB5-2C00-4794-8749-470FC5B3E63B&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1684132461055&scor=4454752579190027&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7A6D
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ddf8be177e7b79aaeb98ffa04b2c4f8a1c05058cb59a55387ad22612c968ee32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 May 2023 04:59:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80717
Connection
keep-alive
Content-Length
10021
Expires
Tue, 16 May 2023 04:59:38 GMT
sync
ads.servenobid.com/ Frame 42B0
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1350542721399933549&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003
sync.targeting.unrulymedia.com/csync/ Frame 42B0
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=628847490
  • https://sync.1rx.io/usersync/turn/8201070212447686353?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003
43 B
377 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
213.19.147.45 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003
pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
/
b1sync.zemanta.com/usersync/smart/ Frame 42B0
0
64 B
Image
General
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.159 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:21 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 42B0
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7062505060153592632&gdpr=0&gdpr_consent=
43 B
408 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7062505060153592632&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Mon, 15 May 2023 06:34:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7a2f83f9-00d3-4f0b-9999-5175af6f146d
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7062505060153592632&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 42B0
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f284b9b8-f563-48be-83f6-e03a83c2b56a&gdpr=0&gdpr_consent=
43 B
425 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f284b9b8-f563-48be-83f6-e03a83c2b56a&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f284b9b8-f563-48be-83f6-e03a83c2b56a&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
953884
content-length
0
expires
Mon, 15 May 2023 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame A564
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7062505060153592632
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7062505060153592632
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Mon, 15 May 2023 06:34:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
25a08ced-ca25-4d03-be00-168a59d09ffc
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=7062505060153592632
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame A564
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e5064afa-f659-44cc-9f43-67174998427f&ssp=gumgum2&gdpr=0&gdpr_consent=
42 B
213 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e5064afa-f659-44cc-9f43-67174998427f&ssp=gumgum2&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e5064afa-f659-44cc-9f43-67174998427f&ssp=gumgum2&gdpr=0&gdpr_consent=
date
Mon, 15 May 2023 06:34:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame A564
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9b39b16f-72b6-5a09-7ee3-43059088ebc4$ip$185.213.155.146
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-9b39b16f-72b6-5a09-7ee3-43059088ebc4$ip$185.213.155.146
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-9b39b16f-72b6-5a09-7ee3-43059088ebc4$ip$185.213.155.146
Date
Mon, 15 May 2023 06:34:21 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A564
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=SuLxhhGJAjRzb0rmI-7i&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2U3VJR4GQ2CHJJAWUUT2MIYHE3KJFU3WS...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SuLxhhGJAjRzb0rmI-7i&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SuLxhhGJAjRzb0rmI-7i&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 May 2023 06:34:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SuLxhhGJAjRzb0rmI-7i&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A564
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=V3FeiccmDZhM&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=V3FeiccmDZhM&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=V3FeiccmDZhM&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-b9f9f4b7f-rh69j
expires
-1
cookie-sync
sync.outbrain.com/ Frame A564
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&obuid=ENC(PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_...
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7062505060153592632&obUid=PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_pri...
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7062505060153592632&obUid=PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:22 GMT
Cache-Control
no-cache
X-TraceId
856a4a2473d3388a9d30677468bc6d2c
Content-Length
0

Redirect headers

Date
Mon, 15 May 2023 06:34:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7a262aed-248d-481c-8704-cd3c9da7e255
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7062505060153592632&obUid=PdqUvEqN9Ygc_8vKpFwk1IfOasuFUE56VzStODC7VIOLW0zSXV5ner-MDQ40jisf&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A564
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=6d7915d7-afbb-4ad5-8e64-c8461f95a9f9
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=6d7915d7-afbb-4ad5-8e64-c8461f95a9f9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=6d7915d7-afbb-4ad5-8e64-c8461f95a9f9
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame A564
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-04_F8HJE2peM6TpX0ux.WtGPhHd_vWRq.Ys4~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-04_F8HJE2peM6TpX0ux.WtGPhHd_vWRq.Ys4~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 15 May 2023 06:34:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-04_F8HJE2peM6TpX0ux.WtGPhHd_vWRq.Ys4~A
content-length
0
usersync
usersync.gumgum.com/ Frame A564
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1fe4df1f-79e7-424d-843e-a98874fd718b
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1fe4df1f-79e7-424d-843e-a98874fd718b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1fe4df1f-79e7-424d-843e-a98874fd718b
Date
Mon, 15 May 2023 06:34:21 GMT
Connection
keep-alive
X-CI-RTID
75360c4a-d2c3-42c8-89ad-63d8719345ae
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A564
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 15 May 2023 06:34:21 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
987088062
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame A564
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame A564
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=60214c66-21ed-45a3-a225-dbd78e0721fd
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=60214c66-21ed-45a3-a225-dbd78e0721fd
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=60214c66-21ed-45a3-a225-dbd78e0721fd
access-control-allow-origin
*
date
Mon, 15 May 2023 06:34:21 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame A564
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1350542721399933549
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1350542721399933549
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1350542721399933549
date
Mon, 15 May 2023 06:34:20 GMT
content-length
0
sync
ads.servenobid.com/ Frame A564
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.48.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
jquery.cookie.js
unpkg.com/jquery.cookie@1.4.1/ Frame BA84
3 KB
1 KB
Script
General
Full URL
https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8909521
last-modified
Sun, 27 Apr 2014 20:04:54 GMT
fly-request-id
01GR5H2YCAFMF3D1MX4HZT5RNC-fra
server
cloudflare
etag
W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c795ac9ab0e3a74-FRA
xa2et.html
geo.dailymotion.com/player/ Frame 4871
59 KB
18 KB
Document
General
Full URL
https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xa2et.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
1a4c150d2e5c0aac609c6ba139fed94c48ff61894df87eebe5f98564ed00e583
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
17416
Content-Security-Policy
upgrade-insecure-requests
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type
text/html; charset=utf-8
Date
Mon, 15 May 2023 06:34:21 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Server-Timing
total;dur=34, dc;desc="dc3"
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin
*
Vary
X-DM-SSL,Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F37
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 01:11:35 GMT
expires
Tue, 14 May 2024 01:11:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DF2B
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
283b80e955b55d85b258f43bb361ff43aff7f6bc6525228bd168b1acf749070b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RJ0J311uIRsYZ0JemngpoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-RJ0J311uIRsYZ0JemngpoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 06:34:21 GMT
expires
Mon, 15 May 2023 06:34:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
user-sync
sync.adkernel.com/ Frame 92F7
0
160 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 15 May 2023 06:34:21 GMT
Pragma
no-cache
Server
nginx
e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame 6A01
20 B
189 B
Document
General
Full URL
https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 15 May 2023 06:34:24 GMT
Server
nginx
Transfer-Encoding
chunked
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B689
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=149428
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 15 May 2023 06:34:21 GMT
expires
Wed, 17 May 2023 00:04:49 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 9973
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 15 May 2023 06:34:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 8912
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=8c7c6461-d26e-4000-8ddf-5ebda9ff0433&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=8c7c6461-d26e-4000-8ddf-5ebda9ff0433&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 May 2023 06:34:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 15 May 2023 06:34:21 GMT
Expires
Mon, 15 May 2023 06:34:20 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x8 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=8c7c6461-d26e-4000-8ddf-5ebda9ff0433&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame DA27
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZGHSbQAKHGEBrQBS
  • https://usersync.gumgum.com/usersync?b=atm&i=ZGHSbQAKHGEBrQBS&gdpr=0&gdpr_consent=&_test=ZGHSbQAKHGEBrQBS
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZGHSbQAKHGEBrQBS&gdpr=0&gdpr_consent=&_test=ZGHSbQAKHGEBrQBS
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 May 2023 06:34:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 15 May 2023 06:34:21 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZGHSbQAKHGEBrQBS&gdpr=0&gdpr_consent=&_test=ZGHSbQAKHGEBrQBS
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230035-FRA
x-timer
S1684132461.381855,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 7537
170 B
409 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yNWU4YjM3Zi01OWIwLTQzOTAtYWY3Ni03Y2I3Y2JjODVkYjg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 06:34:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 5E07
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZGHSbcCo8YQAABwDFE4AAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZGHSbcCo8YQAABwDFE4AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 May 2023 06:34:22 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 06:34:21 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZGHSbcCo8YQAABwDFE4AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
6
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40207.dc2p.scaleout.jp
X-SO-IP
185.213.155.146
X-SO-Key
ZGHSbcCo8YQAABwDFE4AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZGHSbcCo8YQAABwDFE4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40207"}
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40207
gumgum
cs.admanmedia.com/sync/ Frame 59BB
0
0
Document
General
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 15 May 2023 06:34:21 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Frame-Options
DENY
692.json
id5-sync.com/g/v2/
241 B
656 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467814/hbp_master_741094_17335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
183ec2e1c7754f34bfc550f60cedba4553d7de4f6f8e9df3ab1e947dad0b97a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://eqywj.katerionews.com
date
Mon, 15 May 2023 06:34:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame A8F7
159 KB
38 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158810&siteId=0&adId=2934480&vadFmt=3&vapi=2&vminl=1&vmaxl=120&vh=365&vw=650&placement=1&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=undefined&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&us_privacy=&kadpageurl=eqywj.katerionews.com&cbb=4132459097
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
csi
csi.gstatic.com/ Frame 6D4C
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogzeek&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EF40
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogzefy&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 1308
43 B
766 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 06:34:21 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 6A09
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=CAlwCvVEjpTy5orMAo2m&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=CAlwCvVEjpTy5orMAo2m&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 May 2023 06:34:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 15 May 2023 06:34:21 GMT Mon, 15 May 2023 06:34:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=CAlwCvVEjpTy5orMAo2m&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame AA8A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 May 2023 06:34:21 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 15 May 2023 06:34:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 7A6D
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LHOGZFF0-6-K7O6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
csi
csi.gstatic.com/ Frame 7BFD
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogzej8&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dmp.infopack.ca37c0ce5289aa663899.js
static1.dmcdn.net/playerv5/ Frame 4871
54 KB
13 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.infopack.ca37c0ce5289aa663899.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
da44646f2878b555f954e40049ebe013b17358c48caa69dc0cb5292e9e1e595e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
2416269
server-timing
total;dur=0, dc;desc="dc3"
content-length
13357
last-modified
Fri, 14 Apr 2023 08:16:55 GMT
server
DMS/1.0.42
etag
"64390bf7-d78d"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
5893eec1f705db02bdfeb3b90b161876
expires
Wed, 17 May 2023 07:23:12 GMT
dmp.jq_flight.1d9782312a093aadb89f.js
static1.dmcdn.net/playerv5/ Frame 4871
41 KB
15 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.jq_flight.1d9782312a093aadb89f.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
1810740
server-timing
total;dur=0, dc;desc="dc3"
content-length
14946
last-modified
Fri, 21 Apr 2023 15:43:47 GMT
server
DMS/1.0.42
etag
"6442af33-a5e2"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
73da7341e03efcf11ef9352e203f1735
expires
Wed, 24 May 2023 07:35:21 GMT
dmp.photon_manifest.529fd40cb9ac7b46995a.js
static1.dmcdn.net/playerv5/ Frame 4871
4 KB
2 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_manifest.529fd40cb9ac7b46995a.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
28b061905058b158a72cd1956f0ab8f9fefd5769031efa7e9e179f5df75502c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
411756
server-timing
total;dur=0, dc;desc="dc3"
content-length
1912
last-modified
Wed, 10 May 2023 12:08:46 GMT
server
DMS/1.0.42
etag
"645b894e-100f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
7ce6c7da5d63f323496e0a39538b0580
expires
Fri, 09 Jun 2023 12:11:45 GMT
dmp.photon_vendor.4581297c3e0fb53a3eb4.js
static1.dmcdn.net/playerv5/ Frame 4871
336 KB
101 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4581297c3e0fb53a3eb4.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
dfd8bf00cc57b6f60e742c4465d8f7c2099c71dc9e33d424fc23dc307e491006

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
204683
server-timing
total;dur=0, dc;desc="dc3"
content-length
103454
last-modified
Wed, 10 May 2023 12:08:46 GMT
server
DMS/1.0.42
etag
"645b894e-53fa4"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
1c00d480bd12954fe9c001ed2ba734a9
expires
Sun, 11 Jun 2023 21:42:58 GMT
dmp.photon_boot.624ef8cca1099e095a73.js
static1.dmcdn.net/playerv5/ Frame 4871
149 KB
35 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_boot.624ef8cca1099e095a73.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
f88aa464ecf3027497dace126754601cdf7c47db2779106d4dadff0a47463cd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
1115381
server-timing
total;dur=0, dc;desc="dc3"
content-length
35615
last-modified
Tue, 02 May 2023 08:23:04 GMT
server
DMS/1.0.42
etag
"6450c868-252f3"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
dafc3e80df5429ce7f8c1343bd82d0cc
expires
Thu, 01 Jun 2023 08:44:40 GMT
dmp.photon_app.983d7cf72c576cd73b9c.js
static1.dmcdn.net/playerv5/ Frame 4871
475 KB
134 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_app.983d7cf72c576cd73b9c.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
472c6cbba96888170546c60275bbbdc10ce7ce297489deb283d1d4db8a7e5d75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
428265
server-timing
total;dur=0, dc;desc="dc3"
content-length
137200
last-modified
Wed, 10 May 2023 07:35:37 GMT
server
DMS/1.0.42
etag
"645b4949-76b37"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
d2b8d5af83c7606c77efe5866888ef1f
expires
Fri, 09 Jun 2023 07:36:36 GMT
dmp.photon_player.10ae2b2d193ea2ccd438.js
static1.dmcdn.net/playerv5/ Frame 4871
94 KB
28 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_player.10ae2b2d193ea2ccd438.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
4a196b3f9f8d9b123d9f7e1d35a5dd11a4912f2638316916e5bb2a0d43f6ef9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
1115381
server-timing
total;dur=1, dc;desc="dc3"
content-length
28701
last-modified
Tue, 02 May 2023 08:23:04 GMT
server
DMS/1.0.42
etag
"6450c868-178e1"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
91dac9fd50691a17bdb51faff90d102b
expires
Thu, 01 Jun 2023 08:44:40 GMT
csi
csi.gstatic.com/ Frame 659D
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogzehg&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d_check.js
waaw.to/js/ Frame BA84
3 KB
1 KB
Script
General
Full URL
https://waaw.to/js/d_check.js?34
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Thu, 27 Feb 2020 14:57:53 GMT
server
Google Frontend
etag
W/"5e57d8f1-d8a"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
csi
csi.gstatic.com/ Frame C67A
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogze6h&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=O9TR5uGHNKU&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 53E2
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogzekt&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame AA8A
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ddf8be177e7b79aaeb98ffa04b2c4f8a1c05058cb59a55387ad22612c968ee32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 May 2023 04:59:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80717
Connection
keep-alive
Content-Length
10021
Expires
Tue, 16 May 2023 04:59:38 GMT
csi
csi.gstatic.com/ Frame C560
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogze97&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 43B6
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogze4p&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dmp.locale-en-US.392361d874e0355190a5.json
static1.dmcdn.net/playerv5/ Frame 4871
2 KB
941 B
XHR
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.locale-en-US.392361d874e0355190a5.json
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
c8d7ace64894d227e9a65ae13f7fffa8feac2de602f7271e2b6b5c0c0f1e4823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
928591
server-timing
total;dur=0, dc;desc="dc3"
content-length
613
last-modified
Thu, 04 May 2023 12:28:29 GMT
server
DMS/1.0.42
etag
"6453a4ed-822"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
fbb490015e1db0bb2d835696b5d1a85f
expires
Sat, 03 Jun 2023 12:37:50 GMT
/
pebed.dm-event.net/ Frame 4871
15 B
363 B
XHR
General
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.2 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Mon, 15 May 2023 06:34:21 GMT
Server
edward-ed/2.2.2
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
csi
csi.gstatic.com/ Frame 6A02
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogzeak&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&faa=1&fas=1&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EE0F
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogzed9&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EE0F
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhogzfv8&c=5392965397098&slotId=2696482698549&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F899
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogzdzm&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=iUXoZ9QnifM&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track-selectmedia.com/trackv4/
0
17 B
Image
General
Full URL
https://track-selectmedia.com/trackv4/?d10=IT&d12=Chrome&d14=338X600&d19=10&d2=1684132200&d20=113.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=eqywj.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1332&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=1&adSourceKey=YWRzMT0zMzA3OGZmOS02MTM3LTQxOGUtODBkYS1mZTlkYzM2MGI2Y2ImYWRzMj0xJmFkczM9MC43NSZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PTc3MzE1MTFjLTc5MTAtNDc5NS1iNzBkLWE2NzIwYzZlNGQ0YiZhZHM5PTA=&adsourceId=33078ff9-6137-418e-80da-fe9dc360b6cb&cb=1684132461351-047ecbdb-5305-4277-b30b-d826ec731252&e=4
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi
csi.gstatic.com/ Frame 6D4C
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhogzfr7&c=5392965397098&slotId=2696482698549&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EF40
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhogzfrb&c=5392965397098&slotId=2696482698549&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 659D
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhogzfsq&c=5392965397098&slotId=2696482698549&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 7A6D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=gSSH3gcvSVyiYg7KdndoKA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gSSH3gcvSVyiYg7KdndoKA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gSSH3gcvSVyiYg7KdndoKA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7Y2ETY9B6DQX3T4ZTXRQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gSSH3gcvSVyiYg7KdndoKA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 7A6D
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 7A6D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECVEfFn968Hh7Sz39UT-qlQ&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECVEfFn968Hh7Sz39UT-qlQ&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECVEfFn968Hh7Sz39UT-qlQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7A6D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XqJuXoo4TC2lhqGeY30jzQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XqJuXoo4TC2lhqGeY30jzQ
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XqJuXoo4TC2lhqGeY30jzQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1HKKH1TFYWTESV6EBEQG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XqJuXoo4TC2lhqGeY30jzQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7A6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/l0dTPyFY7L7GRyuaaAbYbQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OASIXZ9E2oJmlmBWe02GwCeipqNBsKA_LdniMQ--~A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OASIXZ9E2oJmlmBWe02GwCeipqNBsKA_LdniMQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 15 May 2023 06:34:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OASIXZ9E2oJmlmBWe02GwCeipqNBsKA_LdniMQ--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 7A6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHOGZFF0-6-K7O6
0
648 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHOGZFF0-6-K7O6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 79902039BB55469C99C9F9973830DB23 Ref B: FRAEDGE1709 Ref C: 2023-05-15T06:34:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7taUgOLDTms9qOqLGJg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHOGZFF0-6-K7O6
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7A6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhPR1pGRjAtNi1LN082
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBpLbRHSSG96QWCcMZ93NYY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhPR1pGRjAtNi1LN082&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhPR1pGRjAtNi1LN082&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhPR1pGRjAtNi1LN082&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7A6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzVlNGQ3MDIzZTg0OTE5N2RhNjk3YjdhNjU2YzYxZTdlNGMyOWM3ZQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzVlNGQ3MDIzZTg0OTE5N2RhNjk3YjdhNjU2YzYxZTdlNGMyOWM3ZQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzVlNGQ3MDIzZTg0OTE5N2RhNjk3YjdhNjU2YzYxZTdlNGMyOWM3ZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 28E3
39 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158810&siteId=0&adId=2934480&vadFmt=3&vapi=2&vminl=1&vmaxl=120&vh=365&vw=650&placement=1&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=undefined&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&us_privacy=&kadpageurl=eqywj.katerionews.com&cbb=4132459097
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=162764
content-encoding
gzip
content-length
14445
content-type
text/html
date
Mon, 15 May 2023 06:34:21 GMT
expires
Wed, 17 May 2023 03:47:05 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame A8F7
39 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158810&siteId=0&adId=2934480&vadFmt=3&vapi=2&vminl=1&vmaxl=120&vh=365&vw=650&placement=1&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=undefined&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&us_privacy=&kadpageurl=eqywj.katerionews.com&cbb=4132459097
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=162764
accept-ranges
bytes
content-length
14445
expires
Wed, 17 May 2023 03:47:05 GMT
track
st.pubmatic.com/ Frame A8F7
0
91 B
Image
General
Full URL
https://st.pubmatic.com/track?operId=7&p=158810&s=0&a=2934480&ts=1684132461&wa=0&vadsId=-1&er=993&isAk=0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
csi
csi.gstatic.com/ Frame 7BFD
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhogzfsi&c=5392965397098&slotId=2696482698549&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 53E2
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhogzfty&c=5392965397098&slotId=2696482698549&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendor-list.json
vendorlist.dmcdn.net/v2/ Frame 4871
412 KB
55 KB
XHR
General
Full URL
https://vendorlist.dmcdn.net/v2/vendor-list.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.ca37c0ce5289aa663899.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
184f716d8d9ebd697c7dce0b2e76fa56fafec48daff5cb5bf558b0e9e0622e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
VH00MNLyGv9Kjmw0..K4FVrGCCiI4i4b
content-encoding
gzip
via
1.1 6fa25eadb94abd73b5efc56a89b2d828.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 06:34:21 GMT
x-amz-cf-pop
CDG53-C1
age
311054
x-amz-server-side-encryption
AES256
content-length
55525
last-modified
Thu, 11 May 2023 16:05:25 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.27
x-amz-cf-id
PCWm_EoqNHUayTBn8f8cWRn883m3ck_rKO3TD4Yo7v9QhomumZTZzA==
x-llid
c2b3b707994e805568b4a650bad35be2
expires
Thu, 18 May 2023 16:10:07 GMT
csi
csi.gstatic.com/ Frame DBC9
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogze3a&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track-selectmedia.com/trackv4/
0
17 B
Image
General
Full URL
https://track-selectmedia.com/trackv4/?d10=IT&d12=Chrome&d14=338X600&d19=10&d2=1684132200&d20=113.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=eqywj.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1332&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=1&adSourceKey=YWRzMT1iOWFlNzlkOC04ZGUzLTQ0YjAtOTFmYS04Y2EwZmIyOTA4YmImYWRzMj0xJmFkczM9MiZhZHM2PTAmYWRzNz0xJmFkczg9NDNiZmI0MDYtNjlkYy00NzA0LTlmNDEtMWI3ODkyYmY1NDkxJmFkczk9MA==&adsourceId=b9ae79d8-8de3-44b0-91fa-8ca0fb2908bb&cb=1684132461382-ef85d408-8382-41b1-b325-52ea95c56274&e=4
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.php
pixel.rubiconproject.com/exchange/ Frame AA8A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LHOGZFF0-6-K7O6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
x80idv5
www.dailymotion.com/player/metadata/video/ Frame 4871
11 KB
7 KB
XHR
General
Full URL
https://www.dailymotion.com/player/metadata/video/x80idv5?embedder=https%3A%2F%2Feqywj.katerionews.com%2F&geo=1&player-id=xa2et&syndicationKey=273773&locale=en-US&dmV1st=57a8aa54-71c4-4cfe-af38-8243cd3a9029&dmTs=953616&is_native_app=0&dmSharingUrlLocation=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
9a55287e2b8125e31a6a71700a12f4600a5b5b76766400003c371919e4da466f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Mon, 15 May 2023 06:34:21 GMT
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=181, dc;desc="dc3"
Content-Length
5752
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://geo.dailymotion.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Authorization
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4871
360 KB
120 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122883
x-xss-protection
0
expires
Mon, 15 May 2023 06:34:21 GMT
embed.211.js
waaw.to/js/ Frame BA84
167 KB
46 KB
Script
General
Full URL
https://waaw.to/js/embed.211.js?736
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
1d85956e60f098d0e36bd9c3e3457ea595d083561c95edf8ddffb37a577dcb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Sat, 29 Apr 2023 15:48:32 GMT
server
Google Frontend
etag
W/"644d3c50-29c06"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
csi
csi.gstatic.com/ Frame E629
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogze7w&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DF2B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=3300188462687036&rc=
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
pagead2.googlesyndication.com/bg/ Frame 6F37
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 21:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
33282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 21:19:39 GMT
csi
csi.gstatic.com/ Frame 2E32
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogzebx&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
st.pubmatic.com/ Frame 7866
0
49 B
Image
General
Full URL
https://st.pubmatic.com/track?operId=7&p=158810&s=0&a=2934480&ts=1684132459&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 15 May 2023 06:34:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
ptv
secure.adnxs.com/ Frame 7866
85 B
1 KB
Fetch
General
Full URL
https://secure.adnxs.com/ptv?id=20889945&cb=4132461525&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&vplaybackmethod=0&referrer=eqywj.katerionews.com&kw_channel=instream_sans_algo
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
AN-X-Request-Uuid
ceb6889e-040b-43de-952f-9d5872274e4f
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/xml; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tpc.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
secure.adnxs.com/ Frame 7866
85 B
1 KB
Fetch
General
Full URL
https://secure.adnxs.com/ptv?id=20752114&cb=4132461525&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&vplaybackmethod=0&referrer=eqywj.katerionews.com&kw_channel=instream_sans_algo
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
AN-X-Request-Uuid
d726d0cb-10aa-4e44-8890-10f61b576ff8
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/xml; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tpc.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 7866
Redirect Chain
  • https://video-ads.rubiconproject.com/video/19814/243946/1858894/201/vast.xml?tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=undefined
  • https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=19814&site_id=243946&zone_id=1858894&size_id=201&tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=&p_aso.video.api=...
28 B
347 B
Fetch
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=19814&site_id=243946&zone_id=1858894&size_id=201&tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=65693738.714649
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Server
18.194.110.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-110-75.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
null
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
248535

Redirect headers

Date
Mon, 15 May 2023 06:34:21 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/html; charset=UTF-8
Location
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=19814&site_id=243946&zone_id=1858894&size_id=201&tg_c.language=fr&p_aso.video.maxduration=120&gdpr=1&gdpr_consent=&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=65693738.714649
Access-Control-Allow-Origin
https://tpc.googlesyndication.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
0
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 7866
1 KB
889 B
Fetch
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=158810&siteId=0&adId=2934480&vadFmt=3&vapi=2&vminl=1&vmaxl=120&vh=365&vw=650&placement=1&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=undefined&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&us_privacy=&kadpageurl=eqywj.katerionews.com&cbb=4132461526
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
632132c2c0ceec6d89d832b18865c1d622472ea793213019cf1714699cd013cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://tpc.googlesyndication.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
638
expires
Mon, 15 May 2023 06:34:21 GMT
0
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 7866
67 B
622 B
Fetch
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/0?loc=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a62&_fw_gdpr=1&_fw_gdpr_consent=undefined&cbb=4132461526
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:21 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://tpc.googlesyndication.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1684132461486047-367
Expires
Mon, 15 May 2023 06:34:21 GMT
track
track1.aniview.com/ Frame 7866
0
97 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=eqywj.katerionews.com&rs=eqywj.katerionews.com&sid=3380&t=1684132458&cip=185.213.155.146&sn=&tgt=1&osv=10&bv=113.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5ef4bc022e79664d2b473869&test=&d64=457386a273d3c540db849c51b6a3ba15&d63=457386a273d3c540db849c51b6a3ba15&aafaid=&proto=https&uid=1684132458537-966106332148-001204-005-006940&cha=0.05&stagid=&stplid=&d35=&d36=6.2.98&cb=70628946280&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&nid=5ef4bc022e79664d2b473869&ncid=5fd512d6c22e4d461a608c85&e=request&cb=1684132461526&asid=600063541f5b0f2fbc637ad9%2C5fd51ab848217056e368a756%2C5fd520b9eaa1363e56524fad%2C5fd5261d9eaac6371a732cb6%2C5fd52859b50cd54a4264f38d&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C&ri=%2C%2C%2C%2C
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.77.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-77-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame EE2C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6i22awCo6ljZzQGGbXBqKoXqqI7sPnPjYa1itpiOVHkQ_b9zGLlPc6NxD5whqPDkWW_wxv0uSr5mh_-cRJBmCvEjuHdKkcoCHXfAa2sNXgRS5jzSw&sig=Cg0ArKJSzD8CYOcxBgW7EAE&id=lidar2&mcvt=1027&p=393,1065,443,1385&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=778162663&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684132457512&rpt=2972&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
popunder.js
waaw.to/ad/api/ Frame BA84
21 B
366 B
Script
General
Full URL
https://waaw.to/ad/api/popunder.js
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:21 GMT
x-cache-status-inferno-s
HIT
last-modified
Wed, 15 Sep 2021 14:06:22 GMT
server
Google Frontend
etag
"6141fdde-15"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
accept-ranges
bytes
content-length
21
x-inferno-location
static
accessing-static
1
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 5C63
1 KB
815 B
XHR
General
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=undefined&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1684132458537-966106332148-001204-005-006940%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
935613
x-accel-date
1683196848
x-77-nzt
AcO1rw4lNq7/vUYOAA
x-accel-expires
@1684233648
last-modified
Wed, 29 Mar 2023 10:31:18 GMT
server
CDN77-Turbo
etag
W/"64241376-446"
x-77-nzt-ray
90833930db1d9b206dd26164d7d8a128
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
csi
csi.gstatic.com/ Frame 414E
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhogze1h&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F899
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhogzfvg&c=5392965397098&slotId=2696482698549&qqid=COu036ja9v4CFS-R_Qcd29sOwA&gqid=bNJhZNikO-aB7_UP3ui1uAQ&fb=ima_html5-lima&sdkv=h.3.572.0&mrd=4&aab=1&itv=1&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&met.4=ghmsh_s.lhogzfvj~ghmsh_s.lhogzfvj&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=XxiX2L9riJ0dluiM
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F899
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3498604389408478&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame F899
453 B
478 B
Image
General
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-4903453974745530
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 05:58:38 GMT
x-content-type-options
nosniff
age
2143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 06:48:38 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F899
42 B
176 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CS72obdJhZKtKr6L27w_bt7uADPrloM5vrLrt9NQQjNyJn7wBEAEgmYu9L2CV4pCCoAegAeXF1KoCyAEFqQK4Sb-1M2eyPuACAKgDAZgEAKoE8QNP0DKckqmhGa8U0kDXim9vpFKFaUl0Utcbw6r_HM5CwvV36a9J_m1zJXpaeG3mXEUg-iQPmaoUiBcZWDSL2XxvyTRqd4kNWqRk5lxLvYfAyzWPittU61yCsB5srnDYeD9fr7yknN3bW8F2qZAONZ7KzBHT_-SJ2Voo2T5CzOBiL8yDrfjiO2RUvjT_LNMnt6PUJeg4gTIaxUibPO3qnl5XxWAc6lCX84gJ20a8UkIfXFHcVb_tTRsNvCnm4a6TPBx4owMTXcsVzQivsFpJQFuy6zOABH9KCzLcj71GBrMPP7Jh8ehqsAnud4Fo_LiWFxgBMmzNk6G4TViNqhJsk9Lsz-RKa7VUmE4mdSlGH0JjvXncYgm_ALfK-FNVR5jKyJ5lfxCPS2D4ynSjh4r6AaOnzRD-irG5DWVJHRlh3GcKXnxs6L4266oDlCEU-wM3CpO3-1pVUGS0PqD7DYCE0KjAavj28q6AsxVP5cL3udYCvBQs9-xiE-Br8tsEPfuc6JcIxR6Q1x_SFsUP1_OyXIt2KL7eSL1H2PbBMBB0xW8I5vJznDJAvNJN8tuZre7xG9_j2Df4Ps5JKez9QLMXVvB3PQaFrBL1P2pe27EUmZYqaQ06mtbeeKy6xOZYGyK4EJ27D3xYDpB7bp-G46o4mHXnQMAEzY7stP4D4AQBoAZUgAeDuqvVAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqxCTrYv2l2l07SgAoDmAsByAsB0AsPuAwBmg0BD9gTE9AVAfgWAYAXAQ&sigh=bo_3jd_1tJ0&label=show_ad&sdkv=h.3.572.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MjU0OTQ1NTE0ODIMNjA5MjUzNzg5MTUxQPgCUiMQDyUAAPBBKAE6C2lVWG9aOVFuaWZNQglnb29nbGVhZHNQABgB
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame F899
0
0
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CMD6KbdJhZKtKr6L27w_bt7uADPrloM5vrLrt9NQQjNyJn7wBEAEgmYu9L2CV4pCCoAegAeXF1KoCyAEFqQK4Sb-1M2eyPuACAKgDAZgEAKoE7gNP0DKckqmhGa8U0kDXim9vpFKFaUl0Utcbw6r_HM5CwvV36a9J_m1zJXpaeG3mXEUg-iQPmaoUiBcZWDSL2XxvyTRqd4kNWqRk5lxLvYfAyzWPittU61yCsB5srnDYeD9fr7yknN3bW8F2qZAONZ7KzBHT_-SJ2Voo2T5CzOBiL8yDrfjiO2RUvjT_LNMnt6PUJeg4gTIaxUibPO3qnl5XxWAc6lCX84gJ20a8UkIfXFHcVb_tTRsNvCnm4a6TPBx4owMTXcsVzQivsFpJQFuy6zOABH9KCzLcj71GBrMPP7Jh8ehqsAnud4Fo_LiWFxgBMmzNk6G4TViNqhJsk9Lsz-RKa7VUmE4mdSlGH0JjvXncYgm_ALfK-FNVR5jKyJ5lfxCPS2D4ynSjh4r6AaOnzRD-irG5DWVJHRlh3GcKXnxs6L4266oDlCEU-wM3CpO3-1pVUGS0PqD7DYCE0KjAavj28q6AsxVP5cL3udYCvBQs9-xiE-Br8tsEPfuc6JcIxR6Q1x_SFsUP1_OyXIt2KL7eSL1H2PbBMBB0xW8I5vJznDJAvNJN8tuZre7xG9_j2Df4Ps5JKez9QLMXVvB3PQaF9BNHVWJ0O5OGN3e9H-2t31kFWyJJ1cdStiiWCDF9gAq4u0pRQocZSGkbFsAEzY7stP4D4AQBoAZUgAeDuqvVAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQwO1dqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAcITBhjlxdSqAtgTE9AVAYAXAbIXHgocCAASFHB1Yi02NzM2MjU2NDczMjAyNzMzGOTDDg&sigh=DqGQPkzf2B0&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABygQiD70ceAbhYbjXH_BdZOhTwqkadl22z-qkftwc9xaUrivP9uxkd7UTxeFRCo74isr9guwOkJjYoPRgB&vt=10&sdkv=h.3.572.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MjU0OTQ1NTE0ODIMNjA5MjUzNzg5MTUxQPgCUiMQDyUAAPBBKAE6C2lVWG9aOVFuaWZNQglnb29nbGVhZHNQABgB
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

embed_player.3.css
waaw.to/styles/global/ Frame BA84
6 KB
2 KB
Stylesheet
General
Full URL
https://waaw.to/styles/global/embed_player.3.css?130
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Wed, 09 Dec 2020 22:16:37 GMT
server
Google Frontend
etag
W/"5fd14cc5-1701"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
csi
csi.gstatic.com/
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lhogzdan&c=5392965397098&slotId=2696482698549&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr1---sn-5hneknes.googlevideo.com/ Frame 75BF
2 MB
2 MB
Media
General
Full URL
https://rr1---sn-5hneknes.googlevideo.com/videoplayback?expire=1684161261&ei=bdJhZKz6CbvIx_APpryBmAc&ip=2a03:1b20:6:f011::2e&id=8945e867d42789f3&itag=22&source=youtube&requiressl=yes&mh=Z8&mm=31&mn=sn-5hneknes&ms=au&mv=m&mvi=1&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=30.069&lmt=1668300674300858&mt=1684132146&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgLPjDmrHC7UMQHbRXlRrUnrmPFgFQOST1P_vfunPVQCUCIQDLMUvNeWq5BlRZOs-XycExF14hIOyMWPFkAV4nkcWHeA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgEkt1aR8rOcVUEeDPPoPRo2NyN2IM65-K0SAe_NxTzi4CIQCfVjmSMfAxtXxl3dT27n5Dt5WA4X0FSZtZU9MxpV9Kig==&cpn=XxiX2L9riJ0dluiM
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:10::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
83e91914f886619fc86233b80949e6734c17c0f6c3c169aa2c4847d7f04fed86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 15 May 2023 06:34:21 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 13 Nov 2022 00:51:14 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1703725/1703726
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1703726
Expires
Mon, 15 May 2023 06:34:21 GMT
dmp.omweb.cdfef7829ffd9944e2f5.js
static1.dmcdn.net/playerv5/ Frame 4871
38 KB
13 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.omweb.cdfef7829ffd9944e2f5.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.529fd40cb9ac7b46995a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
cf9975742e815c4d3f5c33d9c18f09681b2ed299025ed022973ff91a18e9fec6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
2132955
server-timing
total;dur=1, dc;desc="dc3"
content-length
13218
last-modified
Wed, 19 Apr 2023 13:40:00 GMT
server
DMS/1.0.42
etag
"643fef30-9633"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
9098a10a4aac8b2e93c884ee573db327
expires
Sat, 20 May 2023 14:05:06 GMT
dmp.omid_session_client.63164f6b3825d0575556.js
static1.dmcdn.net/playerv5/ Frame 4871
61 KB
12 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.omid_session_client.63164f6b3825d0575556.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.529fd40cb9ac7b46995a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
c8a2e26051508d58bf9fd678d53238d1274420fa683ceb393d1c41b8df65abb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
2525952
server-timing
total;dur=1, dc;desc="dc3"
content-length
12086
last-modified
Thu, 13 Apr 2023 13:38:03 GMT
server
DMS/1.0.42
etag
"643805bb-f43f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
bc84fd6439bb71d905fbda7452d3eb45
expires
Tue, 16 May 2023 00:55:09 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4871
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.983d7cf72c576cd73b9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 May 2023 06:34:21 GMT
latencies.js
speedtest.dailymotion.com/ Frame 4871
7 KB
2 KB
Script
General
Full URL
https://speedtest.dailymotion.com/latencies.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.983d7cf72c576cd73b9c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.91 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
st.dc3.dailymotion.com
Software
/
Resource Hash
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Sep 2020 07:44:45 GMT
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Accept-Ranges
bytes
Content-Length
2041
Expires
Mon, 15 May 2023 12:34:21 GMT
ABCFavoritRegular.606eba755d8de32177c321d7c0801e64.woff2
static1.dmcdn.net/playerv5/fonts/ Frame 4871
49 KB
49 KB
Font
General
Full URL
https://static1.dmcdn.net/playerv5/fonts/ABCFavoritRegular.606eba755d8de32177c321d7c0801e64.woff2
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b

Request headers

Referer
https://geo.dailymotion.com/
Origin
https://geo.dailymotion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
last-modified
Wed, 26 Apr 2023 08:40:03 GMT
server
DMS/1.0.42
age
1633854
etag
"6448e363-c320"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=0, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
49952
x-llid
fe9b0bcb5a74eae86dccaff1f4c11ecd
expires
Fri, 26 May 2023 08:43:27 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame BB6A
360 KB
120 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.983d7cf72c576cd73b9c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122883
x-xss-protection
0
expires
Mon, 15 May 2023 06:34:21 GMT
script-2.12.5.js
waaw.to/js/ Frame BA84
19 KB
5 KB
Script
General
Full URL
https://waaw.to/js/script-2.12.5.js
Requested by
Host: waaw.to
URL: https://waaw.to/js/embed.211.js?736
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Tue, 01 Dec 2020 19:28:37 GMT
server
Google Frontend
etag
W/"5fc69965-4cb8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
trace
waaw.to/cdn-cgi/ Frame BA84
548 B
337 B
XHR
General
Full URL
https://waaw.to/cdn-cgi/trace
Requested by
Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept
*/*
Referer
https://waaw.to/player/embed_player.php?vpn=1&vid=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
x-cache-status-inferno
MISS
x-origin-location
/
x-inferno-location
/
segment.css
waaw.to/styles/global/ Frame BA84
616 B
654 B
Stylesheet
General
Full URL
https://waaw.to/styles/global/segment.css?11
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
889727ca9e58ccddfc9c0df7031ea9b5fd19b42a15286cc5c380eef5bea350ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Sun, 17 Mar 2019 16:12:54 GMT
server
Google Frontend
etag
W/"5c8e7206-268"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
sync
x.bidswitch.net/ Frame 5C63
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=1&gdpr_consent=undefined
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.144.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-144-147.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
prebid
rtb.openx.net/sync/ Frame 5C63
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=undefined&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D2799041a3515fb48b172c141f80c0fdc%26dspid%3Dopenx
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
i516s1nmgp3cvp9d3qftqhl45h6vu46r
cookie
cm.adform.net/ Frame 5C63
43 B
106 B
Image
General
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=undefined&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D2799041a3515fb48b172c141f80c0fdc%26dspid%3Dadf
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
server
nginx
content-length
43
content-type
image/gif
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 4D74
159 KB
38 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158810&siteId=0&adId=2934480&vadFmt=3&vapi=2&vminl=1&vmaxl=120&vh=365&vw=650&placement=1&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=undefined&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&us_privacy=&kadpageurl=eqywj.katerionews.com&cbb=4132461526
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
/
pebed.dm-event.net/ Frame 4871
15 B
363 B
XHR
General
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4581297c3e0fb53a3eb4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.2 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Mon, 15 May 2023 06:34:21 GMT
Server
edward-ed/2.2.2
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
generate_204
tpc.googlesyndication.com/ Frame 6F37
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?7xTjjA
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
trackv4
track-selectmedia.com/
0
17 B
XHR
General
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1332&uuid=0223985f-527c-4385-a9cb-3954d0f5fec8
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 May 2023 06:34:22 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://eqywj.katerionews.com
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trackv4
track-selectmedia.com/ Frame
0
0
Preflight
General
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1332&uuid=0223985f-527c-4385-a9cb-3954d0f5fec8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://eqywj.katerionews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://eqywj.katerionews.com
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
date
Mon, 15 May 2023 06:34:21 GMT
referrer-policy
no-referrer-when-downgrade
via
1.1 google
showad.js
ads.pubmatic.com/AdServer/js/ Frame B217
39 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158810&siteId=0&adId=2934480&vadFmt=3&vapi=2&vminl=1&vmaxl=120&vh=365&vw=650&placement=1&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=undefined&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&us_privacy=&kadpageurl=eqywj.katerionews.com&cbb=4132461526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=162764
content-encoding
gzip
content-length
14445
content-type
text/html
date
Mon, 15 May 2023 06:34:21 GMT
expires
Wed, 17 May 2023 03:47:05 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4D74
39 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158810&siteId=0&adId=2934480&vadFmt=3&vapi=2&vminl=1&vmaxl=120&vh=365&vw=650&placement=1&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=undefined&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&us_privacy=&kadpageurl=eqywj.katerionews.com&cbb=4132461526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=162764
accept-ranges
bytes
content-length
14445
expires
Wed, 17 May 2023 03:47:05 GMT
track
st.pubmatic.com/ Frame 4D74
0
49 B
Image
General
Full URL
https://st.pubmatic.com/track?operId=7&p=158810&s=0&a=2934480&ts=1684132462&wa=0&vadsId=-1&er=993&isAk=0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
embed_menu.css
waaw.to/styles/cbv2new/theme/ Frame BA84
10 KB
3 KB
Stylesheet
General
Full URL
https://waaw.to/styles/cbv2new/theme/embed_menu.css?21
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
45bc2ebb82341b0beb20bf20f0318c5f520e782e2c23da5280d26ab94e046013

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Wed, 02 Dec 2020 01:21:09 GMT
server
Google Frontend
etag
W/"5fc6ec05-26c0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 7AA6
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geo.dailymotion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313965
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:21:36 GMT
expires
Fri, 10 May 2024 15:21:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame BB6A
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 May 2023 06:34:21 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F899
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CS72obdJhZKtKr6L27w_bt7uADPrloM5vrLrt9NQQjNyJn7wBEAEgmYu9L2CV4pCCoAegAeXF1KoCyAEFqQK4Sb-1M2eyPuACAKgDAZgEAKoE8QNP0DKckqmhGa8U0kDXim9vpFKFaUl0Utcbw6r_HM5CwvV36a9J_m1zJXpaeG3mXEUg-iQPmaoUiBcZWDSL2XxvyTRqd4kNWqRk5lxLvYfAyzWPittU61yCsB5srnDYeD9fr7yknN3bW8F2qZAONZ7KzBHT_-SJ2Voo2T5CzOBiL8yDrfjiO2RUvjT_LNMnt6PUJeg4gTIaxUibPO3qnl5XxWAc6lCX84gJ20a8UkIfXFHcVb_tTRsNvCnm4a6TPBx4owMTXcsVzQivsFpJQFuy6zOABH9KCzLcj71GBrMPP7Jh8ehqsAnud4Fo_LiWFxgBMmzNk6G4TViNqhJsk9Lsz-RKa7VUmE4mdSlGH0JjvXncYgm_ALfK-FNVR5jKyJ5lfxCPS2D4ynSjh4r6AaOnzRD-irG5DWVJHRlh3GcKXnxs6L4266oDlCEU-wM3CpO3-1pVUGS0PqD7DYCE0KjAavj28q6AsxVP5cL3udYCvBQs9-xiE-Br8tsEPfuc6JcIxR6Q1x_SFsUP1_OyXIt2KL7eSL1H2PbBMBB0xW8I5vJznDJAvNJN8tuZre7xG9_j2Df4Ps5JKez9QLMXVvB3PQaFrBL1P2pe27EUmZYqaQ06mtbeeKy6xOZYGyK4EJ27D3xYDpB7bp-G46o4mHXnQMAEzY7stP4D4AQBoAZUgAeDuqvVAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqxCTrYv2l2l07SgAoDmAsByAsB0AsPuAwBmg0BD9gTE9AVAfgWAYAXAQ&sigh=bo_3jd_1tJ0&label=video_ad_loaded&sdkv=h.3.572.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MjU0OTQ1NTE0ODIMNjA5MjUzNzg5MTUxQPgCUiMQDyUAAPBBKAE6C2lVWG9aOVFuaWZNQglnb29nbGVhZHNQABgB
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame BA84
5 KB
701 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic
Requested by
Host: waaw.to
URL: https://waaw.to/styles/cbv2new/theme/embed_menu.css?21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
785b3c6cc775a90a0c69c4ca9228dce8d19e91fdbea991ce3ed438f3e77e38c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 04:50:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 06:34:21 GMT
dmp.dynamic_quality_switcher.1c7534ac08453c758024.js
static1.dmcdn.net/playerv5/ Frame 4871
22 KB
7 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.dynamic_quality_switcher.1c7534ac08453c758024.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.529fd40cb9ac7b46995a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
0f5c7a7fa9d3024dc2ca19a856ea61d7d31c9a82743dcabd61ee3bce7c26147d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
1633854
server-timing
total;dur=0, dc;desc="dc3"
content-length
7194
last-modified
Wed, 26 Apr 2023 08:40:03 GMT
server
DMS/1.0.42
etag
"6448e363-5871"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
ea3d46d03e36a5cb8f13b23359ebe43a
expires
Fri, 26 May 2023 08:43:27 GMT
dmp.vendors~hlsjs_stable.8ac8809237b9a52466f8.js
static1.dmcdn.net/playerv5/ Frame 4871
189 KB
54 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.8ac8809237b9a52466f8.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.529fd40cb9ac7b46995a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
1b6d3eb6c61dbc3983ce0842d475d4c4e6174c9ac87baefec2e4b3ea11284d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
age
2530576
server-timing
total;dur=0, dc;desc="dc3"
content-length
54686
last-modified
Thu, 13 Apr 2023 13:38:03 GMT
server
DMS/1.0.42
etag
"643805bb-2f204"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
02edb2a81bd501021a508dbdb5847f85
expires
Mon, 15 May 2023 23:38:05 GMT
x80idv5.m3u8
dmxleo.dailymotion.com/cdn/manifest/video/ Frame 4871
0
275 B
Script
General
Full URL
https://dmxleo.dailymotion.com/cdn/manifest/video/x80idv5.m3u8?auth=1684305261-2688-r17d0vvb-f95c6362e0a8aa3ff1cfffcc57df8e38o7xo1wXobd5hGd3MuOXg6QXbl9bqfhttOCa7n21km4VjkAsCBRfFTl7aO6q5OZ298svAcjW5jAKE06Dyaz8sXBD-4tFVDUYzL1lV--KOgKQh4vNMsIGIWMoKV-M1j-LcI82T7Y_oyHTqZC1vErXbIkCMofv_I48P0BTJvNtfms01JViquv0-4-BK9ufDGMAw8wn4AEd8dIGvJuOAu8cQyOMUyDzyzjpzGURu0keVjp16pavhwpxYDPkhDAEM2ITIHg-qzebOrUeB1Gv15YIM4BKQDg2x3bQP1u33AyoIUGmHPH4pc_YTCSR6cMIVPFjnXs0n87twhC8Ab55WKT3cw5cH2XIFjMv3LRCUOWyE3Vm1XWF5N8E-_KpqC75MDXj4cJ4H22BIigv_lXKtvniY9rWTn5b_rAEgV7bvWPgXksyjwxk4w49XQvFGPlZqMAy-nstnvKvKIfwol6MJVHycOnnuQeovHpGv2Q16P8UxPVrNRp32egHLYd-xNeJCEMGM7RqCVRS5DGVgmW7fKlNM-RhlXFwJ291-MatmhP8b2Ar8Ms9vvez7zdt-RnuZbT2P-4Mz_OxgVVJoL-VdAUGKnBVab0a73j1M0KRdSz-f2ltbKvhl3pK6rcLg2DfxjNfZWd-HoR7uSfYQW3FB5vLuzbSaQhcf6FyHoV7vZTPg1HA18ZQ7EZZeyrPPCSrBltgmcYQTtU2vZZ4ZrJjTljf84ws1bgJxER0nfsnLACoMdUAKqMSDMwbgjgoOmfWIkOaldILs_7_nkVybWveueaZomnjbtLyPJAoFedychraB-1c3CX2vBcFpun6lErs2iIvzSKPasQcURwucsfS9Nf2TgNyazl5OWUfODlvj3_QXqebgvAtsKgrldFIJKPZK8x3lwtHDjd9AD6saoygXOEorsjnjGBsm3av9dvOmrlswF5T0oqbNM-vJgJU6dY7gjUmSvGYri5rdIIBIEndhW1SajPi5OJg0_nRLFxMmnHSU8jxMSujtH8XsmTbvemE6VrjPxwdmkO56gJMO-ZTosBQWuHEJFAeZyz8ZpmeUh4RgPw5uQdu6R3yKi6sIlxFot2FpIQRdN-c39n2EvUWFuLwlWVq1-6-bXrX3WWPObC5KJiWY7XqCkECvOXtMmGfSlOzXXxJ5ucy-PzgQ6_Lpf1aP5g89s081nauf7fehJbGk7w8UIrZ2ivPb64RL9DFCMK7XLxhK2JidR5j-8IMRQGAK3Bdco1u1M7aKvjZEzHu7xpYmn9Ar0DuQJNl5mduyTLXoMPI1Qn5WEhyYiFCkOu--75vtJIpz01GO8WxP7GqQEcDo&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.983d7cf72c576cd73b9c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-btlgw
date
Mon, 15 May 2023 06:34:22 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
https://geo.dailymotion.com/
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame F899
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 16:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 16:10:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F899
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3498604389408478&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame F899
0
0
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CMD6KbdJhZKtKr6L27w_bt7uADPrloM5vrLrt9NQQjNyJn7wBEAEgmYu9L2CV4pCCoAegAeXF1KoCyAEFqQK4Sb-1M2eyPuACAKgDAZgEAKoE7gNP0DKckqmhGa8U0kDXim9vpFKFaUl0Utcbw6r_HM5CwvV36a9J_m1zJXpaeG3mXEUg-iQPmaoUiBcZWDSL2XxvyTRqd4kNWqRk5lxLvYfAyzWPittU61yCsB5srnDYeD9fr7yknN3bW8F2qZAONZ7KzBHT_-SJ2Voo2T5CzOBiL8yDrfjiO2RUvjT_LNMnt6PUJeg4gTIaxUibPO3qnl5XxWAc6lCX84gJ20a8UkIfXFHcVb_tTRsNvCnm4a6TPBx4owMTXcsVzQivsFpJQFuy6zOABH9KCzLcj71GBrMPP7Jh8ehqsAnud4Fo_LiWFxgBMmzNk6G4TViNqhJsk9Lsz-RKa7VUmE4mdSlGH0JjvXncYgm_ALfK-FNVR5jKyJ5lfxCPS2D4ynSjh4r6AaOnzRD-irG5DWVJHRlh3GcKXnxs6L4266oDlCEU-wM3CpO3-1pVUGS0PqD7DYCE0KjAavj28q6AsxVP5cL3udYCvBQs9-xiE-Br8tsEPfuc6JcIxR6Q1x_SFsUP1_OyXIt2KL7eSL1H2PbBMBB0xW8I5vJznDJAvNJN8tuZre7xG9_j2Df4Ps5JKez9QLMXVvB3PQaF9BNHVWJ0O5OGN3e9H-2t31kFWyJJ1cdStiiWCDF9gAq4u0pRQocZSGkbFsAEzY7stP4D4AQBoAZUgAeDuqvVAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQwO1dqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAcITBhjlxdSqAtgTE9AVAYAXAbIXHgocCAASFHB1Yi02NzM2MjU2NDczMjAyNzMzGOTDDg&sigh=DqGQPkzf2B0&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABygQiD70ceAbhYbjXH_BdZOhTwqkadl22z-qkftwc9xaUrivP9uxkd7UTxeFRCo74isr9guwOkJjYoPRgB&sdkv=h.3.572.0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
googleads.g.doubleclick.net/pagead/interaction/ Frame F899
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBeEJbdJhZKtKr6L27w_bt7uADPrloM5vrLrt9NQQjNyJn7wBEAEgmYu9L2CV4pCCoAegAeXF1KoCyAEFqQK4Sb-1M2eyPuACAKgDAZgEAKoE7gNP0DKckqmhGa8U0kDXim9vpFKFaUl0Utcbw6r_HM5CwvV36a9J_m1zJXpaeG3mXEUg-iQPmaoUiBcZWDSL2XxvyTRqd4kNWqRk5lxLvYfAyzWPittU61yCsB5srnDYeD9fr7yknN3bW8F2qZAONZ7KzBHT_-SJ2Voo2T5CzOBiL8yDrfjiO2RUvjT_LNMnt6PUJeg4gTIaxUibPO3qnl5XxWAc6lCX84gJ20a8UkIfXFHcVb_tTRsNvCnm4a6TPBx4owMTXcsVzQivsFpJQFuy6zOABH9KCzLcj71GBrMPP7Jh8ehqsAnud4Fo_LiWFxgBMmzNk6G4TViNqhJsk9Lsz-RKa7VUmE4mdSlGH0JjvXncYgm_ALfK-FNVR5jKyJ5lfxCPS2D4ynSjh4r6AaOnzRD-irG5DWVJHRlh3GcKXnxs6L4266oDlCEU-wM3CpO3-1pVUGS0PqD7DYCE0KjAavj28q6AsxVP5cL3udYCvBQs9-xiE-Br8tsEPfuc6JcIxR6Q1x_SFsUP1_OyXIt2KL7eSL1H2PbBMBB0xW8I5vJznDJAvNJN8tuZre7xG9_j2Df4Ps5JKez9QLMXVvB3PQaF9BNHVWJ0O5OGN3e9H-2t31kFWyJJ1cdStiiWCDF9gAq4u0pRQocZSGkbFsAEzY7stP4D4AQBoAZUgAeDuqvVAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYExPQFQH4FgGAFwE&sigh=U3jmhq4lfss&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D20,500,358,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26is%3D33554707%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2749%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D267232123%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3974%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.1%26t%3D1684132461601&sdkv=h.3.572.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MjU0OTQ1NTE0ODIMNjA5MjUzNzg5MTUxQPgCUiYQDyUAAPBBKAE6C2lVWG9aOVFuaWZNQglnb29nbGVhZHNI2gJQABgB
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F899
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkWHh3wJeEawRGqxibVL6c9mEhTpewO5z39vb8DJLIAL27-A-FKW_sPDGD8BeqSRid41udF0wFeNVcG6qi4ElCw9joGQYcFa83ky1OiyPIk75xN6YL-enesvfsvL8bzZ6bqomPVvBMb5jyX_GCrU-8Q0hXofCIs8Ob&sai=AMfl-YToPRpIqwHDKYb0k3KKZgRxY6lejCUv8gARqt4bsSveEd8MledWnJJ_X9gqTwnaEkCw6MB-DcNi-VJcNSC2luM4UcvNEoTKRGOt7oH4q_nnx6Q7vDZIsMpEnyjO&sig=Cg0ArKJSzNdCOeQTIfLQEAE&cid=CAQSPABygQiD70ceAbhYbjXH_BdZOhTwqkadl22z-qkftwc9xaUrivP9uxkd7UTxeFRCo74isr9guwOkJjYoPRgB&id=lidarv&acvw=sv%3D951%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D20,500,358,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26ic%3D33554706%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2749%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D267232123%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3975%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1684132461601&avm=1
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F899
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBeEJbdJhZKtKr6L27w_bt7uADPrloM5vrLrt9NQQjNyJn7wBEAEgmYu9L2CV4pCCoAegAeXF1KoCyAEFqQK4Sb-1M2eyPuACAKgDAZgEAKoE7gNP0DKckqmhGa8U0kDXim9vpFKFaUl0Utcbw6r_HM5CwvV36a9J_m1zJXpaeG3mXEUg-iQPmaoUiBcZWDSL2XxvyTRqd4kNWqRk5lxLvYfAyzWPittU61yCsB5srnDYeD9fr7yknN3bW8F2qZAONZ7KzBHT_-SJ2Voo2T5CzOBiL8yDrfjiO2RUvjT_LNMnt6PUJeg4gTIaxUibPO3qnl5XxWAc6lCX84gJ20a8UkIfXFHcVb_tTRsNvCnm4a6TPBx4owMTXcsVzQivsFpJQFuy6zOABH9KCzLcj71GBrMPP7Jh8ehqsAnud4Fo_LiWFxgBMmzNk6G4TViNqhJsk9Lsz-RKa7VUmE4mdSlGH0JjvXncYgm_ALfK-FNVR5jKyJ5lfxCPS2D4ynSjh4r6AaOnzRD-irG5DWVJHRlh3GcKXnxs6L4266oDlCEU-wM3CpO3-1pVUGS0PqD7DYCE0KjAavj28q6AsxVP5cL3udYCvBQs9-xiE-Br8tsEPfuc6JcIxR6Q1x_SFsUP1_OyXIt2KL7eSL1H2PbBMBB0xW8I5vJznDJAvNJN8tuZre7xG9_j2Df4Ps5JKez9QLMXVvB3PQaF9BNHVWJ0O5OGN3e9H-2t31kFWyJJ1cdStiiWCDF9gAq4u0pRQocZSGkbFsAEzY7stP4D4AQBoAZUgAeDuqvVAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYExPQFQH4FgGAFwE&sigh=U3jmhq4lfss&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D20,500,358,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2749%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D267232123%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3976%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1684132461601&sdkv=h.3.572.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MjU0OTQ1NTE0ODIMNjA5MjUzNzg5MTUxQPgCUiYQDyUAAPBBKAE6C2lVWG9aOVFuaWZNQglnb29nbGVhZHNI2gJQABgB
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F899
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBeEJbdJhZKtKr6L27w_bt7uADPrloM5vrLrt9NQQjNyJn7wBEAEgmYu9L2CV4pCCoAegAeXF1KoCyAEFqQK4Sb-1M2eyPuACAKgDAZgEAKoE7gNP0DKckqmhGa8U0kDXim9vpFKFaUl0Utcbw6r_HM5CwvV36a9J_m1zJXpaeG3mXEUg-iQPmaoUiBcZWDSL2XxvyTRqd4kNWqRk5lxLvYfAyzWPittU61yCsB5srnDYeD9fr7yknN3bW8F2qZAONZ7KzBHT_-SJ2Voo2T5CzOBiL8yDrfjiO2RUvjT_LNMnt6PUJeg4gTIaxUibPO3qnl5XxWAc6lCX84gJ20a8UkIfXFHcVb_tTRsNvCnm4a6TPBx4owMTXcsVzQivsFpJQFuy6zOABH9KCzLcj71GBrMPP7Jh8ehqsAnud4Fo_LiWFxgBMmzNk6G4TViNqhJsk9Lsz-RKa7VUmE4mdSlGH0JjvXncYgm_ALfK-FNVR5jKyJ5lfxCPS2D4ynSjh4r6AaOnzRD-irG5DWVJHRlh3GcKXnxs6L4266oDlCEU-wM3CpO3-1pVUGS0PqD7DYCE0KjAavj28q6AsxVP5cL3udYCvBQs9-xiE-Br8tsEPfuc6JcIxR6Q1x_SFsUP1_OyXIt2KL7eSL1H2PbBMBB0xW8I5vJznDJAvNJN8tuZre7xG9_j2Df4Ps5JKez9QLMXVvB3PQaF9BNHVWJ0O5OGN3e9H-2t31kFWyJJ1cdStiiWCDF9gAq4u0pRQocZSGkbFsAEzY7stP4D4AQBoAZUgAeDuqvVAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYExPQFQH4FgGAFwE&sigh=U3jmhq4lfss&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=admute&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D20,500,358,1100%26tos%3D37,0,0,0,0%26mtos%3D37,37,37,37,37%26amtos%3D0,0,0,0,0%26mcvt%3D37%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D37%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D37%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D37%26dfvs%3D37%26dvpt%3D37%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2749%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D267232123%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3981%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,37,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1684132461601&sdkv=h.3.572.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MjU0OTQ1NTE0ODIMNjA5MjUzNzg5MTUxQPgCUiYQDyUAAPBBKAE6C2lVWG9aOVFuaWZNQglnb29nbGVhZHNI2gJQABgB
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
st.pubmatic.com/ Frame 7866
0
49 B
Image
General
Full URL
https://st.pubmatic.com/track?operId=7&p=158810&s=0&a=2934480&ts=1684132461&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 15 May 2023 06:34:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cast_sender.js
www.gstatic.com/eureka/clank/113/ Frame 4871
51 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/113/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15228
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 15:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 16 May 2023 06:31:33 GMT
/
track-selectmedia.com/trackv4/
0
17 B
Image
General
Full URL
https://track-selectmedia.com/trackv4/?d10=IT&d12=Chrome&d14=338X600&d19=10&d2=1684132200&d20=113.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=eqywj.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1332&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=1&adSourceKey=YWRzMT1iOWFlNzlkOC04ZGUzLTQ0YjAtOTFmYS04Y2EwZmIyOTA4YmImYWRzMj0xJmFkczM9MiZhZHM2PTAmYWRzNz0xJmFkczg9NDNiZmI0MDYtNjlkYy00NzA0LTlmNDEtMWI3ODkyYmY1NDkxJmFkczk9MA==&d30=30&adsourceId=b9ae79d8-8de3-44b0-91fa-8ca0fb2908bb&cb=1684132462018-7f335bbd-2c47-4776-a11c-a763a83389be&e=5
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:22 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
track-selectmedia.com/trackv4/
0
17 B
Image
General
Full URL
https://track-selectmedia.com/trackv4/?d10=IT&d12=Chrome&d14=338X600&d19=10&d2=1684132200&d20=113.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=eqywj.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1332&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=1&adSourceKey=YWRzMT1iOWFlNzlkOC04ZGUzLTQ0YjAtOTFmYS04Y2EwZmIyOTA4YmImYWRzMj0xJmFkczM9MiZhZHM2PTAmYWRzNz0xJmFkczg9NDNiZmI0MDYtNjlkYy00NzA0LTlmNDEtMWI3ODkyYmY1NDkxJmFkczk9MA==&adsourceId=b9ae79d8-8de3-44b0-91fa-8ca0fb2908bb&cb=1684132462018-750c7354-242a-429f-94ea-0724968e3457&e=6
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:22 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
track-selectmedia.com/trackv4/
0
17 B
Image
General
Full URL
https://track-selectmedia.com/trackv4/?d10=IT&d12=Chrome&d14=338X600&d19=10&d2=1684132200&d20=113.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=eqywj.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1332&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&adSourceKey=YWRzMT1iOWFlNzlkOC04ZGUzLTQ0YjAtOTFmYS04Y2EwZmIyOTA4YmImYWRzMj0xJmFkczM9MiZhZHM2PTAmYWRzNz0xJmFkczg9NDNiZmI0MDYtNjlkYy00NzA0LTlmNDEtMWI3ODkyYmY1NDkxJmFkczk9MA==&adsourceId=b9ae79d8-8de3-44b0-91fa-8ca0fb2908bb&cb=1684132462021-12b13bf1-5b41-4cf4-90f4-047f5200c80e&e=11
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:22 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame BA84
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://waaw.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 00:21:44 GMT
x-content-type-options
nosniff
age
195158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 00:21:44 GMT
segment.7.js
waaw.to/js/ Frame BA84
7 KB
3 KB
Script
General
Full URL
https://waaw.to/js/segment.7.js?157
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
Google Frontend /
Resource Hash
2b9882b1d4950f6e9ec65efbef9636a76a43b423302695035cf88b8c44474acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
cache
date
Mon, 15 May 2023 06:34:21 GMT
content-encoding
gzip
x-cache-status-inferno-s
HIT
last-modified
Fri, 10 Dec 2021 17:25:16 GMT
server
Google Frontend
etag
W/"61b38d7c-1c01"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
x-inferno-location
static
accessing-static
1
ABCFavoritMedium.49884d379d5f27f75991f15de4d231cb.woff2
static1.dmcdn.net/playerv5/fonts/ Frame 4871
52 KB
52 KB
Font
General
Full URL
https://static1.dmcdn.net/playerv5/fonts/ABCFavoritMedium.49884d379d5f27f75991f15de4d231cb.woff2
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b

Request headers

Referer
https://geo.dailymotion.com/
Origin
https://geo.dailymotion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:22 GMT
last-modified
Thu, 27 Apr 2023 13:00:57 GMT
server
DMS/1.0.42
age
1531851
etag
"644a7209-ce44"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=0, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
52804
x-llid
ae786f644d140dd47dd2eda9e7b99782
expires
Sat, 27 May 2023 13:03:31 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 8183
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
190463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 May 2023 01:39:59 GMT
expires
Sun, 12 May 2024 01:39:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
x80idv5.m3u8
www.dailymotion.com/cdn/manifest/video/ Frame 4871
3 KB
2 KB
XHR
General
Full URL
https://www.dailymotion.com/cdn/manifest/video/x80idv5.m3u8?sec=zH6eGBmd0gs1w1zf6kSnVTT_VtadiIh1haDJ-Px52ua9S5rUE7q9fBeavEdNaXJx&dmTs=953616&dmV1st=57a8aa54-71c4-4cfe-af38-8243cd3a9029
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.8ac8809237b9a52466f8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
43cf947b8b7cae654a40eb72005b289d2e2c7b4107b312a65029997bc8fbd56d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Mon, 15 May 2023 06:34:22 GMT
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=23, dc;desc="dc3"
Content-Length
936
Referrer-Policy
no-referrer-when-downgrade
Server
DMS/1.0.42
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
https://geo.dailymotion.com
Cache-Control
private, max-age=600
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Expires
Mon, 15 May 2023 06:44:22 +0000
track
track1.aniview.com/ Frame 7866
0
0

playback
www.youtube.com/api/stats/ Frame F899
0
0
Image
General
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&el=adunit&cpn=XxiX2L9riJ0dluiM&docid=iUXoZ9QnifM&visitordata=CgswSEFVRzVVdV9hQQ%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.286&fmt=18&rt=0.000&adformat=2_2_1&euri&len=30.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=113.0.5672.92&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

netu.php
testingmetriksbre.ru/ Frame BA84
1 KB
871 B
Script
General
Full URL
https://testingmetriksbre.ru/netu.php
Requested by
Host: waaw.to
URL: https://waaw.to/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
fd45bb46808611318ab74c39100ef0aa9aa78e5ad508e6219d0ec8d4d52f2a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://waaw.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkfOB1Hl6H82cihiuU22sdvCOSBhyGyFmU70OUSgCmH6wiW03B8UNYl4iARC%2FGlwHr16meU4v9EsyvuOocumVYnw7YvLsWWLMXDRPMRAAZQZ97bqXqEHobGndtpdxdH8z6MyRGC7SohmA30SuQuK%2B7CGPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7c795ad11c7418b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
484587185_mp4_h264_aac.m3u8
proxy-045.dc3.dailymotion.com/sec(Y1vpsrJkRaxa6jF-j2RR0nUqa8UtGVFRFGjxq4VPF8O3djLqnBEE0Qn3KZ_A-WiEz6roHNNRQlggpvuM_h3ox5OpHKgKYK0eKLmbHtaDvNo)/video/581/785/ Frame 4871
6 KB
746 B
XHR
General
Full URL
https://proxy-045.dc3.dailymotion.com/sec(Y1vpsrJkRaxa6jF-j2RR0nUqa8UtGVFRFGjxq4VPF8O3djLqnBEE0Qn3KZ_A-WiEz6roHNNRQlggpvuM_h3ox5OpHKgKYK0eKLmbHtaDvNo)/video/581/785/484587185_mp4_h264_aac.m3u8
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.8ac8809237b9a52466f8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.126.210 Vaux-sur-Seine, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
proxy-045.dc3.dailymotion.com
Software
lumberjack/2.5.2 /
Resource Hash
c1e73f8f646a816e70ed819bee6c37bf1f01f29e11b273e14711b5b5831443d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 04:02:39 GMT
Server
lumberjack/2.5.2
Access-Control-Max-Age
600
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
Content-Length
367
Expires
Tue, 16 May 2023 06:34:22 GMT
error.php
prebid.smilewanted.com/track/analytics/
0
118 B
Ping
General
Full URL
https://prebid.smilewanted.com/track/analytics/error.php?id_site=22469&id_format=24&id_device=1&code_partner=smilewanted&error_json=%7B%22type%22%3A%22adPlayError%22%2C%22errorCode%22%3A901%2C%22errorMessage%22%3A%22An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%22%2C%22innerError%22%3A%22Error%3A%20No%20Ad%22%7D&config_json=%7B%22site_id%22%3A22469%2C%22device_id%22%3A1%2C%22domaine%22%3A%22katerionews_com_27f21a7%22%2C%22format%22%3A%22corner-video%22%2C%22format_stats%22%3A%22corner_video%22%2C%22diff_jw%22%3Atrue%2C%22capping_type%22%3A%22jour%22%2C%22contenu%22%3Atrue%2C%22contenu_type%22%3A%22hosted_sw%22%2C%22close%22%3Atrue%2C%22close_type%22%3A%22percent%22%2C%22close_val%22%3A90%2C%22sound_hover%22%3Afalse%2C%22tags_vast%22%3A%5B%22https%3A%2F%2Fsearch.spotxchange.com%2Fvast%2F2.00%2F271231%3FVPAID%3DJS%26content_page_url%3Dhttps%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4%26cb%3D__timestamp__%26VMaxd%3D120%26custom_skin%3D1%26player_width%3D640%26player_height%3D480%26custom%5Bvd%5D%3D0%26schain%3D1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C%22%2C%22https%3A%2F%2Fvast.aniview.com%2Fapi%2Fadserver61%2Fvast%2F%3FAV_PUBLISHERID%3D5ef4bc022e79664d2b473869%26AV_CHANNELID%3D5fd512d6c22e4d461a608c85%26logo%3Dfalse%26vastretry%3D3%26AV_URL%3Dhttps%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4%26cb%3D__timestamp__%26AV_GDPR%3D1%26AV_CONSENT%3Dundefined%26AV_CUSTOM1%3D594147%26AV_CUSTOM2%3D1819404%26AV_CUSTOM3%3D0%26AV_CUSTOM4%3D0%26AV_CUSTOM5%3D0%26AV_CUSTOM6%3D0%26AV_CUSTOM7%3D271231%26AV_CUSTOM8%3D0%26AV_CUSTOM9%3Dinstream_sans_algo%26AV_CUSTOM10%3D1.0%252C1%2521smilewanted.com%252C4192%252C1%252C%252Cpurifydigital.com%252Cpurifydigital.com%252C%22%5D%2C%22dm_nb_video%22%3A1%2C%22nb_dm_videos%22%3A3%2C%22passback%22%3A%22%22%2C%22capping_num%22%3A0%2C%22dm_videos_ids%22%3A%5B%22x80idv5%22%2C%22x86t4da%22%2C%22x7yinbp%22%2C%22x7wj119%22%2C%22x81iuq0%22%2C%22x85sfe6%22%2C%22x7y4j2k%22%2C%22x84026m%22%2C%22x7xly5v%22%2C%22x7zjhqt%22%5D%2C%22timeout_jw%22%3A10%2C%22timeout_dm%22%3A3000%2C%22timeout_pb%22%3A12000%2C%22contenu_src%22%3A%22https%3A%2F%2Fstatic.smilewanted.com%2Fvideo%2F2019%2F04%2F05%2F4470.mp4%22%2C%22r%22%3Atrue%2C%22nb_i_d%22%3A2%2C%22nb_m_c%22%3A3%2C%22c_c%22%3Afalse%2C%22config_hb%22%3A%5B%5D%7D
Requested by
Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/config_formats/corner-video-ima/katerionews_com_27f21a7/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryPW5QyIUuNFNs9RGS

Response headers

date
Mon, 15 May 2023 06:34:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://eqywj.katerionews.com, https://eqywj.katerionews.com
access-control-allow-credentials
true, true
cf-ray
7c795ad179b32c00-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
pagead2.googlesyndication.com/bg/ Frame 8183
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 21:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
33283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 21:19:39 GMT
f.php
testingmetriksbre.ru/ Frame FDA9
4 KB
2 KB
Document
General
Full URL
https://testingmetriksbre.ru/f.php?sid=212040
Requested by
Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/netu.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
23ba7f6d6b7429f5b450ecbe67907f7f384e9145d846664daa7dd4682a0787b9

Request headers

Referer
https://waaw.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7c795ad1ac05365f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 06:34:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=693h%2Ba0JUAo9IFDJr%2FudmVuEpCXvXD5FpIoc4aoUzCAWC29nltQsz3KZS02dN4qsCE7WkA%2Fidn5F%2BIk8zHG8mOJV%2B%2FViBtpLImFDA2vcHhX0%2Fhwnj2ClML2WmzMXDfoxCK18gxGVMnXGLdLdGsjkqzTxPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
x-robots-tag
noindex
484587185_mp4_h264_aac.ts
proxy-045.dc3.dailymotion.com/sec(Y1vpsrJkRaxa6jF-j2RR0nUqa8UtGVFRFGjxq4VPF8O3djLqnBEE0Qn3KZ_A-WiEz6roHNNRQlggpvuM_h3ox5OpHKgKYK0eKLmbHtaDvNo)/atrk(0)/frag(1)/video/581/785/ Frame 4871
155 KB
155 KB
XHR
General
Full URL
https://proxy-045.dc3.dailymotion.com/sec(Y1vpsrJkRaxa6jF-j2RR0nUqa8UtGVFRFGjxq4VPF8O3djLqnBEE0Qn3KZ_A-WiEz6roHNNRQlggpvuM_h3ox5OpHKgKYK0eKLmbHtaDvNo)/atrk(0)/frag(1)/video/581/785/484587185_mp4_h264_aac.ts
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.8ac8809237b9a52466f8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.126.210 Vaux-sur-Seine, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
proxy-045.dc3.dailymotion.com
Software
lumberjack/2.5.2 /
Resource Hash
5480fc596dda1a851a385048fc9952f59b0fa46286267ca80bbccfa6a580fa9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:22 GMT
Last-Modified
Wed, 11 Aug 2021 04:02:39 GMT
Server
lumberjack/2.5.2
Access-Control-Max-Age
600
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
Content-Length
158296
Expires
Tue, 16 May 2023 06:34:22 GMT
0a53eb19-8e09-4bcc-9717-7a009d520647
https://geo.dailymotion.com/ Frame 4871
65 KB
0
Other
General
Full URL
blob:https://geo.dailymotion.com/0a53eb19-8e09-4bcc-9717-7a009d520647
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a5e40c41a359f601b100331ed08088e4bfec229c2b9cc70c67ae27fb642dd3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
66540
Content-Type
text/javascript
banner.gif
testingmetriksbre.ru/ads/ Frame FDA9
42 B
502 B
Image
General
Full URL
https://testingmetriksbre.ru/ads/banner.gif
Requested by
Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/f.php?sid=212040
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://testingmetriksbre.ru/f.php?sid=212040
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:22 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Jul 2022 17:05:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62c46f48-2a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMVePQJauKACeL%2Fos01pbDwfshzJLug5skMIEPJkTO9ur6ZH4Lh1QiuzyGIFGOPDgo3BXrAeb5hJokvBYNdbhxXUq8Hhy%2BIOHjcsGLCK%2B%2BYhgec05v2bFMamCARI1UJDThNFN1x4HsiQNmTMBrl6l3QmYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
accept-ranges
bytes
cf-ray
7c795ad22cac365f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
f.php
videocdnmetrika.com/ Frame FDA9
4 KB
2 KB
Document
General
Full URL
https://videocdnmetrika.com/f.php?sid=212040&rand=62541577
Requested by
Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/f.php?sid=212040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
31185c8b5e4ef1a9e83fcb0b1c82d60a32f4553a9bd4325639922b94a2badcb8

Request headers

Referer
https://testingmetriksbre.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7c795ad26f97901c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 06:34:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YP4NQUSRufbFjSYtkpNwZ0i53quDldDnmVmvf6YH0Yzf0zhzt0%2Bb1Aa7HRRpSBKE6UhVlMdXin2iMafAyTvfeWf1j8NfjptW9zSEj787hrD42MZs61m5%2FOsoQN1n4gWX3HMCkNOl356RMgdviWX0Oe3N"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
x-robots-tag
noindex
sodar
pagead2.googlesyndication.com/pagead/ Frame EE2C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=3300188462687036&bg=!j4yljNjNAAYldGN0BXQ7ADkAdvg8WvfnQRdQsOAzELYvsCozLunSQdEx5BbQwrxCNWw_PPIJTtzGw8QB9pSEIrfbrJdgkaeJwncCAAABPVIAAAADaAEHCgBsu3OIgb2M39K46JTzLbTQEFoddoWHaHo3IScEcRKqR3bK8DllenUMLVHfEK7IhIurqlkIsCU-tcQtec9wgo1dy1HiICojVCwVZLIQsQuMgAZ3uDq32qAMqQJIsEPS_XNelNC24YXFViiggGJsmQLGNh7cs_3HN4yF1oCpvjaLL4osnyQk22cU4ve0QWRcQn9P101gGzqnZpWq7ZjcxcSty9Jgbmjm-AKW2ylj_wrpEhQ3Hj8VlBUvu2K5q4kYeejfrqlE8jugYluUnEsnl19R33HTC3D-b5rlCP9DTqAFmiyB_IXY3lIlBBgDZ86l38f2_M_ZHiknKjtYTcEeLTEDtcNShqlEIQe3z5B25LeL0BCbJDCkZI6-iEy3Hiko4N0MxqalFj-fGNPHmHMn7xaqdi0MqdcBfp23b8bCXoNC7przK0c_SFWoSZ-u-d9qlOelSVz7Rx56jh9lg9rxR0peCUvMLRNRuK6O0kfWqhvnc0jZ6byrqo-TPNv7j7DPD6D4BsFS4f5SvgwZM9gRPRRzghUvEiUMq1JvstO5YtplFdaVYQAg4tu7V1WIQiNbAsOCsNh3OKy5bZ8Ef9Qt_mnI_-TBTevYcAxetABKfMEun9wQRSO8V0zh_bfcsBuVaMTTncHSOyt3qVFO8mbkUOn2FpgjezgS0jgNuGqoAnC8kK72-8ZwIZxYCSTelv2E3-DdyUV9nV6kC9Vvb0NYhNZa5BUEWmjWfl-MYFGUwYK4YQfAT5m9d-2x7E-xBhe8x0JpvGOEG1qYX_JoPUKO7_rrXcHtxtE8WEixDgkrlP2YtWwRKl9IhfsXQAnjz_ot5YZ61ao5jsJaYqqxAoU_nA0--xpDejS_VsNUOjIjwK_wtwBPG1jkLhMdyK4M4wkxiGRlG8TlK40UVrGFKh63-qXT-ih7CudC4xS4o5actliBpZh0x2QdMplC0exbE2Eam108-TYBidKtkbrd0Dx-yoCImvuk-dfmnpXAGegnEIgWT1gNhndV57VQdwVOZ8WuDVU1OdSblSXaGovWSJ8eO3EicZfXTkE1bfSw98UrYqC_bSZ5Kvuf1rQpFRZI6HIuJKJAmpBoxn4
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

banner.gif
videocdnmetrika.com/ads/ Frame FDA9
42 B
415 B
Image
General
Full URL
https://videocdnmetrika.com/ads/banner.gif
Requested by
Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?sid=212040&rand=62541577
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videocdnmetrika.com/f.php?sid=212040&rand=62541577
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:22 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 17:05:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2787
etag
"62c46f48-2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ug43vHGtZQ9og0woQ7LywrTonFNqeoaaJW8%2FWycLmf6sK4r8PKmPnlsYHyd2y27rXxFNavX7OC2WQ6oA4gT%2F%2FCyyYHAQnYuD6M%2FczbYoJ2iL1xFgJzpK0ejImuEFDXUvvoXkah6kU%2BpLYN4vMdNUh%2B%2Br"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c795ad2e819901c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame FDA9
213 KB
88 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?sid=212040&rand=62541577
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8bbed2b8ca4e0a8532496fbeaac3ba7f97c964f5ccf704224da0263e79f9a185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videocdnmetrika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 06:34:22 GMT
x-content-type-options
nosniff
content-encoding
br
age
19891
x-jsd-version
1.274.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
89128
x-served-by
cache-fra-eddf8230078-FRA
x-jsd-version-type
version
etag
W/"3545d-fnsNgR4saniyknGB9bqq0zV8j7M"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8183
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.572.0&bgai=BJD-MbdJhZKtKr6L27w_bt7uADAAAAAA4AboFEwjYit2o2vb-AhXmwLsIHV50DUc&bg=!Z2SlZDDNAAYldGN0BXQ7ADkAdvg8WlRKUpCaIppBYF_O_LTchiX9yoVTzxRp4GsG9eQXYKn2IQfFv_zM5gcVf8ZZlOXu1LTeE_0CAAAAqVIAAAACaAEHCgCVwKisJONIcwaJ7fIPok_iOYGcC5aJhJTz0B88fa--TUnjO_0XyGMfCLtULhKFhONztL8eszvs1LIhiiFQ1cDsrD2C8GWdErTv-Bayd6m-A9gyn2uGw08_NfIBcfmQz80fzshLTRL5HN0JIad8NIeBozbbm-Gdbn3KJZK_ykkF-WpSeL5_FXZdtpJGjnRgFZIL-A8FUvuZAmq9eGWQkkMu2x53lbI6Lcj3raYsM0ZfTREQZdPBG650EstAvg242YhLTKPjyahxUxq0bvX0J0EQY9qYDYDaCCSqZP4mZEChnhqp_WqvxmgBaTcDM0-PMazVskoOHR3JbafR_Johvqi0AcbLBYCFHxW7hThoGeIWHnDT_CuLpPuJKoqdRpvX2ukE4_-__XIILJQxvHXFjmTfkBdZtNo_BErmGt15PXavDm3yahUA_L0SkkxJWZ6iY_yUZBBL5Tpco7z2l_0ZrySt-48QEEvGhfMPUB4W57A6DmuG1WNFDNtKRBa1QjNBQF_x_ElWDwI4v5NicXL9hDHvqK68sI1t5Nk-9sQme5aWl9UjV7p7arqt19ICVLg0stTSu14Oq2VDrNqB0bsigp7gpu_3ub73l_0V73KyJyJ5ZWSXbrLOQoLf0M37-CcSzvHIayzc6m0IqWI88aoD6yxOTYvxRiqjpRVoJjtm9ztEeBvW4yfX2D-Q4cFfxANdMQchf7mgxamvcYXH5wu121HvZ1kbHrHQNk85xgZ61lT4xSrYRgjl4GwINQ6nGuk6B5psQ7jpulfOpbegmFwRSbFRgX3Y1acVh40a29FOMa7N0gvdTcTM3imQeALdwbMxNxvltoTn_Os2tPP4JJx2aY7UFMI0jngXAHp9rut0e6YMTjGnquvV8Cqr9dgKWp0giuPv7ZEwlYOmXW66rk_IJBlPjacCWnXbk9EzpA184nB04UAmu0YnL7-fawnnGsZx6Gbzq45WNqnhZ0irkGWMSJzdGCPNr9n846qJ8yfsGk4-L_uWweBHMRHSvbqxUzeApmr75DM
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.ru/metrika/ Frame FDA9
43 B
511 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?sid=212040&rand=62541577
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videocdnmetrika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:22 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 05 May 2023 15:14:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6454f31f-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 15 May 2023 07:34:22 GMT
1
mc.yandex.ru/watch/90175160/ Frame FDA9
Redirect Chain
  • https://mc.yandex.ru/watch/90175160?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D62541577&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%...
  • https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D62541577&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=ch...
435 B
518 B
XHR
General
Full URL
https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D62541577&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A135783218577%3Ahid%3A236826711%3Az%3A0%3Ai%3A20230515063422%3Aet%3A1684132463%3Ac%3A1%3Arn%3A786198912%3Arqn%3A1%3Au%3A168413246333813388%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A15%2C18%2C62%2C1%2C0%2C0%2C%2C24%2C0%2C%2C%2C%2C121%3Aco%3A0%3Acpf%3A1%3Ans%3A1684132462438%3Arqnl%3A1%3Ast%3A1684132463%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
60eb7f9a105f812fdae22991315fc6ffbfb10c35690c2fd089ddccefc55057c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videocdnmetrika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 15-May-2023 06:34:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://videocdnmetrika.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Mon, 15-May-2023 06:34:22 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:22 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 15-May-2023 06:34:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D62541577&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A135783218577%3Ahid%3A236826711%3Az%3A0%3Ai%3A20230515063422%3Aet%3A1684132463%3Ac%3A1%3Arn%3A786198912%3Arqn%3A1%3Au%3A168413246333813388%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A15%2C18%2C62%2C1%2C0%2C0%2C%2C24%2C0%2C%2C%2C%2C121%3Aco%3A0%3Acpf%3A1%3Ans%3A1684132462438%3Arqnl%3A1%3Ast%3A1684132463%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://videocdnmetrika.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 15-May-2023 06:34:22 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F899
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkWHh3wJeEawRGqxibVL6c9mEhTpewO5z39vb8DJLIAL27-A-FKW_sPDGD8BeqSRid41udF0wFeNVcG6qi4ElCw9joGQYcFa83ky1OiyPIk75xN6YL-enesvfsvL8bzZ6bqomPVvBMb5jyX_GCrU-8Q0hXofCIs8Ob&sai=AMfl-YToPRpIqwHDKYb0k3KKZgRxY6lejCUv8gARqt4bsSveEd8MledWnJJ_X9gqTwnaEkCw6MB-DcNi-VJcNSC2luM4UcvNEoTKRGOt7oH4q_nnx6Q7vDZIsMpEnyjO&sig=Cg0ArKJSzNdCOeQTIfLQEAE&cid=CAQSPABygQiD70ceAbhYbjXH_BdZOhTwqkadl22z-qkftwc9xaUrivP9uxkd7UTxeFRCo74isr9guwOkJjYoPRgB&id=lidarv&acvw=sv%3D951%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D20,500,358,1100%26tos%3D2125,0,0,0,0%26mtos%3D2125,2125,2125,2125,2125%26amtos%3D0,0,0,0,0%26mcvt%3D2125%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2125%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D492%26pst%3D511%26dur%3D30000%26vmtime%3D2097%26dtos%3D2125%26dtoss%3D1%26dvs%3D2088%26dfvs%3D2088%26dvpt%3D2088%26is%3D33554707%26i0%3D33554707%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2749%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D267232123%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D6068%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2125,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1684132461601
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
887339722f8f23241256859c5ae29f97e1b1a740e2f5c8d631c8369d48efe3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11093
x-xss-protection
0
syncframe
gum.criteo.com/ Frame BE02
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eqywj.katerionews.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 06:34:24 GMT
server
Kestrel
server-processing-duration-in-ticks
1426316
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame BE02
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=katerionews.com&sn=ChromeSyncframe&so=0&topUrl=eqywj.katerionews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=y61QfHwvenQzOXE1WUc5YzArOUd5R3h5TCtjdTZ1QUhaVGwrZEpXMEs5TlYzVmxoL3oyNHExL1QwaGNvWVl4NmhDWjlvZm1Rc21JRUlVaytnM3NDQ1poT0o3d0VYMGRYWGN0TVNaaDViUWZWeHhXdjlJY3AxMmRZbDRYRV...
446 B
657 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=y61QfHwvenQzOXE1WUc5YzArOUd5R3h5TCtjdTZ1QUhaVGwrZEpXMEs5TlYzVmxoL3oyNHExL1QwaGNvWVl4NmhDWjlvZm1Rc21JRUlVaytnM3NDQ1poT0o3d0VYMGRYWGN0TVNaaDViUWZWeHhXdjlJY3AxMmRZbDRYRVJmWFlFT2E2UG9XVzFVWEYwVXZEdVVSSHlzcnBBL0loUytyQ1VLRE9SekhUWTR1Y3h5M1dQOWVpTEMxZW1uWEFsRXNUaEszc2Z3NXBOTnp2Q3J3Z1Y4aTBCVmM1Y3F6cGJLamFxTnptS0lxaHFORXF4N3ZlcERqNnUwM2JnalV4eDE1QUpNa1FMeko0ZGdScjdFV0kzNnppWlcxM2lWdz09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e06d127b46a9e51866d04fa8b8c33485107dafb2ddc0befe5dbd5c510de4201f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1041245
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=y61QfHwvenQzOXE1WUc5YzArOUd5R3h5TCtjdTZ1QUhaVGwrZEpXMEs5TlYzVmxoL3oyNHExL1QwaGNvWVl4NmhDWjlvZm1Rc21JRUlVaytnM3NDQ1poT0o3d0VYMGRYWGN0TVNaaDViUWZWeHhXdjlJY3AxMmRZbDRYRVJmWFlFT2E2UG9XVzFVWEYwVXZEdVVSSHlzcnBBL0loUytyQ1VLRE9SekhUWTR1Y3h5M1dQOWVpTEMxZW1uWEFsRXNUaEszc2Z3NXBOTnp2Q3J3Z1Y4aTBCVmM1Y3F6cGJLamFxTnptS0lxaHFORXF4N3ZlcERqNnUwM2JnalV4eDE1QUpNa1FMeko0ZGdScjdFV0kzNnppWlcxM2lWdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
341100
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 May 2023 06:34:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E66E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19369
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 01:11:35 GMT
expires
Tue, 14 May 2024 01:11:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EF02
783 B
765 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20297bd522e226f15407572bb3331b78fc12e306fe85d716a1f0c935f68df51f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dX1F1REPiSzqJq3roSpVsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-dX1F1REPiSzqJq3roSpVsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 06:34:24 GMT
expires
Mon, 15 May 2023 06:34:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
pagead2.googlesyndication.com/bg/ Frame E66E
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 21:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
33285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 21:19:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EF02
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305110101&jk=230824176954640&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

bid
aax.amazon-adsystem.com/e/dtb/
23 B
466 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&pr=https%3A%2F%2Fwaaw.to%2F&pid=6UaJVEuMtYSoZ&cb=1&ws=1600x1200&v=23.505.1627&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1684132464932-0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21939239661%2C22893780809%2Fapl%2Faplmcm%2Fdynamic%2Fadx22893379435%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!adipolo.com%2C22893780809%2C1%2C%2C%2C&pubid=00ed17ab-4189-4639-9d5e-15acd40affde&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
8E674EQQEDD0VS64CNVZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://eqywj.katerionews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
MHcTPtNQ2Souw5n9cS1ZnbDXfUlxgcxCt-yA9_NmqmcK6VMVxxtC_w==
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=eqywj.katerionews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=eqywj.katerionews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
23 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=230824176954640&correlator=2581327334492186&hxva=1&scor=1823980316218534&eid=31074535%2C31074540%2C31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fifs&iu_parts=21939239661%3A22893780809%2Capl%2Caplmcm%2Cdynamic%2Cadx22893379435&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=160x600&ifi=2&adks=620445137&didk=1837313462&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26amznbid%3D1%26amznp%3D1%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dec0379141404ca4e-224b7ba3d4dd002d%3AT%3D1684132457%3ART%3D1684132458%3AS%3DALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw&gpic=UID%3D00000c15a859b47b%3AT%3D1684132457%3ART%3D1684132457%3AS%3DALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA&abxe=1&dt=1684132464944&lmt=1684132464&dlt=1684132456199&idt=657&adxs=-160&adys=311&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Feqywj.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4&ref=https%3A%2F%2Fwaaw.to%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&psts=ABHeCvhpKxBPejfhBg7QH1ZPHWdMvVyfP-oKatL9S8ZKiY4OqGkHghReeGTUCaExbil9EKDqx_luSbqsD6-O4NYoI0Bh6ZknUAmzsqCdRmNwrw&ga_vid=1957477600.1684132457&ga_sid=1684132457&ga_hid=42405692&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c1df6b8b8400f77a0057374d202cfc2f4d71eeda679691148f7b8482db8e76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10778
x-xss-protection
0
google-lineitem-id
5504336788
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138326289731
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://eqywj.katerionews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E66E
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?sCiF9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A02
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=1&streamcorr=1&isgptpresent=1&loc=https%3A%2F%2Feqywj.katerionews.com&ref&gcasclass=1&vpaidadapter=f&ifstate=0&lid=70&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3738951884441982&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A02
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3738951884441982&domain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A89D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6yEDUUBFmHDdSuJBcr2cRhEC6vj2LGUV_v_b8rKX3JlFTitYl9gf1RmEvUpSzi9Bmdf6WZqN_72wBjoctdK5Y5GVksipM_si4xT12KFJYEqnt9zdnJbsbGxcrXubfaHX24xFyCSgAkMDDt7_chwXGQ6lCrj8_PkE61nbpR321l1JlYSuSVWk3AdnwDz9u0gMNaHizFJbIkogqM_-cRM1dORXIoGy2fNUSFflofx6aCsy02iePv2zAn9p6AdjwIGabCjFwpamoidSt0ESWeQ9syFGnhRRg0GRfEQNcHzExpYKWEqImmErITafREGIjNQmk7Q6J0InMCfwmFw5P55lZA7zGKFemmBjyPnEW_YY&sai=AMfl-YR79YFe8tDsog-UZFhPRfO_-4P0ewX3pYeQf1Ofw1zKI8gaWLqpewlWkHI-98k5q_KVGhX6KHCX99oW5DRFNeWz5vILPgnpOFHqaOK2ExBdBgcoT7rXeTKSWsCoq7M&sig=Cg0ArKJSzEp6TzPOxd3xEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: waaw.to
URL: https://waaw.to/f/lQbgDcfHP0gT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid.js
acdn.adnxs.com/prebid/not-for-prod/ Frame A89D
2 MB
651 KB
Script
General
Full URL
https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5cf86ea3904f96ce75441057cc58106eedc9f049d34e2a7ed5023a87d916ec6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 15 May 2023 06:34:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 18:43:39 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62055cdb-23771c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
666704
Expires
Tue, 16 May 2023 06:34:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A89D
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 06:34:25 GMT
truncated
/ Frame A89D
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f5120653ae4d93ed7e2c99e55ae575522c3cc14908e5c1a91d301f88ef74d56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A89D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstICBSKCMjfolgJuqx936b2zzBjtV8aq7VFJT36AQA1w4Tx28psjixEGgJjYZHhGGDZ290-GXXK207thrzh7jhGQuXyvMk0QFEFKNnULmCOfXSqhG94m0J03XvC5FzV1aBN7fYi6mCFY_bJCqeYdnseSqqnUyujBHLz4qtrfybiZtew8usEmKQwBVNPsH1nzB4-JdXSRaWG1B6J7IHhiBj5CqdH4O0zAmiKWkImFHibJ8_uLJFqvGEJEzFhSiZkLtIqZwt0sQfD2S9zIaaFmXl6al9Ur3wjHBpI_yxM6LdDDstonUq4aWUVV3qbC-Wcr0uwyoRXLQKJRzFYi71JmEMN_ADPnmGjmtrqllVK4J30Ig&sai=AMfl-YSS3LJmhwjl_n_I1VXRHJvUTgWpUfEtvtRsdFGRwlNHbQyXnj0Kx3zT1qohxTu4APus_dhXxLtZ55Cz-RkAJ6r3a3vALc8qMWwM0zKJjVToVw0LfATNLC1NPf4BVeE&sig=Cg0ArKJSzHCsEnVjKZp5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 15 May 2023 06:34:25 GMT
wrapper.html
wrappers.geoedge.be/ Frame A89D
3 KB
3 KB
XHR
General
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8c00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Mon, 15 May 2023 00:07:38 GMT
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
23208
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
VlEQtm2MUpauzmYZvwx2tbXJwXPmau-hUZG-XwKlyTnK6MaenVnR-Q==
freewheel-mapping.json
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ Frame A89D
14 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 06:34:25 GMT
x-content-type-options
nosniff
content-encoding
br
age
18927
x-jsd-version
1.0.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1162
x-served-by
cache-fra-eddf8230106-FRA
x-jsd-version-type
version
etag
W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ Frame A89D
483 B
1022 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:25 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
903575
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juI3V%2Fg%2B9eJS34gNOe4pgjYTF2jjtNChr0nhQGxrALlAJ9teU2VaR4y659fyMCqgIFyx%2FHe6DC%2Bne1lhhFfXP0TqOF5vYolQ6NonKqeo4%2FNokwxYU4QrZklf21TW9H2q2lJZ7mCfPZbkt6ky"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c795ae4eb5b3611-FRA
bid
ap.lijit.com/rtb/ Frame A89D
23 B
407 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.11.0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e17bfb97abef7bacbd700b58fc35bf4596514d0b565cb53a9187690a9acb4f81

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 May 2023 06:34:25 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://eqywj.katerionews.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
syncframe
gum.criteo.com/ Frame 8917
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eqywj.katerionews.com
Requested by
Host: waaw.to
URL: https://waaw.to/f/lQbgDcfHP0gT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 06:34:25 GMT
server
Kestrel
server-processing-duration-in-ticks
1212069
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame A89D
2 KB
2 KB
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=134&profileId=185&av=34&wv=6.11.0&bundle=44uHDF9DSjNnZSUyQjYzR0x5T2dkTVYyU3FEVWtYd1VhS0dBRFYwWSUyRnklMkZmY21OTWNHeFR1d3RIdkhqUmNSdGJQJTJCVDRGSHVEZlJYWSUyQlVRSUpFSER5RXU1THBrMFhDdUdJNnZXZFRvQVpiT3pZOGdVMUt1TGpxS0JlNCUyRlBOJTJCTjZWbHlkTTFoaEVLZyUyQk91QUZUUjdveWVQSzlla3FRJTNEJTNE&cb=66373144449
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f66beb19aea05f9018729b637564db44a2a5d77b8b754f4538b43ebfca402fe8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://eqywj.katerionews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1601
prebid-request
onetag-sys.com/ Frame A89D
15 B
368 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://eqywj.katerionews.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
sid
mug.criteo.com/ Frame 8917
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=katerionews.com&sn=ChromeSyncframe&so=3&topUrl=eqywj.katerionews.com&bundle=44uHDF9DSjNnZSUyQjYzR0x5T2dkTVYyU3FEVWtYd1VhS0dBRFYwWSUyRnklMk...
  • https://mug.criteo.com/sid?cpp=PyGJSHxTTHZNMTF4OVlDeUZyQVhDR1FpS0tUVjI2TnJjZDZIampJSkh4M0tvUHZGdUh6b0pXYzMyRVA3WTJ3bjdydCtDR2E5MTNiY3NmU0NvZFREY0c1OGE3WTdDajlYYzJKbzZyZ1hMOGhFOEJ0b0FYbWRCcWxUNFFWME...
435 B
649 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=PyGJSHxTTHZNMTF4OVlDeUZyQVhDR1FpS0tUVjI2TnJjZDZIampJSkh4M0tvUHZGdUh6b0pXYzMyRVA3WTJ3bjdydCtDR2E5MTNiY3NmU0NvZFREY0c1OGE3WTdDajlYYzJKbzZyZ1hMOGhFOEJ0b0FYbWRCcWxUNFFWMEFmT2hlQlQyWTNpUHJTeFVpMXhpanFrUDQ1Y2UwMExacHJReER1ak43UC9HVVJObDVMNy9sWHFSb0h2ZVRuaERZaW1RdVlOVndyNFpQMlRpU2Ftbi8va3lkNWFKZnNtQTMxNHNYQ0N6aHlkdE9jc3grLzZPeWsrK2pUbTBuemJBcHB6ZDg2TVJOUThVVlM5bGRxTVpxWnRNa2RJa29tV1lJWU5UT1dNSXBLV0VLajhjeitVWT18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0d0ec5b8ef463873f76f8ad68243a7943f3e5d9627c0e033d5ae08b95910350b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1154049
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=PyGJSHxTTHZNMTF4OVlDeUZyQVhDR1FpS0tUVjI2TnJjZDZIampJSkh4M0tvUHZGdUh6b0pXYzMyRVA3WTJ3bjdydCtDR2E5MTNiY3NmU0NvZFREY0c1OGE3WTdDajlYYzJKbzZyZ1hMOGhFOEJ0b0FYbWRCcWxUNFFWMEFmT2hlQlQyWTNpUHJTeFVpMXhpanFrUDQ1Y2UwMExacHJReER1ak43UC9HVVJObDVMNy9sWHFSb0h2ZVRuaERZaW1RdVlOVndyNFpQMlRpU2Ftbi8va3lkNWFKZnNtQTMxNHNYQ0N6aHlkdE9jc3grLzZPeWsrK2pUbTBuemJBcHB6ZDg2TVJOUThVVlM5bGRxTVpxWnRNa2RJa29tV1lJWU5UT1dNSXBLV0VLajhjeitVWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
407573
content-length
0
expires
0
events
bidder.criteo.com/csm/ Frame A89D
0
222 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: waaw.to
URL: https://waaw.to/f/lQbgDcfHP0gT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://eqywj.katerionews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ Frame A89D
678 B
787 B
XHR
General
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: waaw.to
URL: https://waaw.to/f/lQbgDcfHP0gT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
22441c926b4139bec035dd7ee92e43134328ca6c1fc1ed204476f0a80b964cd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://eqywj.katerionews.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
afr.php
ads.eu.criteo.com/delivery/r/ Frame 475A
48 KB
19 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aa933cc3d88e3079d4d09b2ebe9258485111beb2369f99540fef5a8f8b9add7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://eqywj.katerionews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 06:34:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=S1yS61yOH8E7d4tR-NZwEB2r1BvhX2t3LAuHZ32B5aEvNrbvye39FXlZSzuDKJ2_iqPK-ITX0ZYlbBaMg8EaZgT9CvSbJ7C0MoWXG1lhndH0P0PdFRJ_Dt5qzX7s16kV3iNRNyf7DuvhmbP0SEcZWGXCvYdLuAAsfIRAhtVcwbpUOx3o14iYbuuUKSY_biQJUW1Gkp9vQ3MyCArsFM8YA-870-s39Zh60d3FroQyluGByK54EqwXGTMcxqE"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4883677
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tpd
cat.nl3.eu.criteo.com/ Frame 741E
43 B
462 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=i14kCl9aNVVNbnF4VG9zRFI4JTJGYm9jSGRYU0pybWJRbmg0eUtybmdDMSUyRnF1NjZxZXVuNnJzMVklMkZVdUdGaFlzcVc1SnJsUyUyRjMyZnRpVFhtcXpsdW9QU2d0R3RjN1FvbXVabVlaaXZ4TTBGOEdDQ0FkeEVXenpuQSUyQnpzM3ZtUXhrWERXSUsyaVltTVFGcDRDd1duWnBlZ0VTU0ZXR0o1dHBYU1BGenBuaVNIZllKek44YVdHZmNscmNuaEQzQllJeSUyRkxTRFBid0hhMlExb3lnalIwSk11bUlsTzZxdzN4Q1ZKR3VWUWRMeDBBUTVqa2NVZmhkTk83QThMM1MyTFFXYXp2MDRjdFNTbXJ6RWw2UHB4TUIyUlZHQjVJaVcwOUNOYjhUbkJobWYlMkJTU2pqRk9VOTZWQTVYUDZUY0lOUWZtdlFiZ0kwZ0I4eVFUakppcEt3ZExWMHJaNmxMMkQ1RUxDJTJCY3hOV1p2cEc2SDcwVG1jcTh2Q3Z5aVVHOFhTakF1enMlMkZOVmQlMkY0bFpndXFZJTJGRFBwZ25UVkdmNTNlalglMkZFeTZESjNtOUc3NkZMOSUyRnBaWkElM0Q
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
272901
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305110101&jk=230824176954640&bg=!tLelt-PNAAYldGN0BXQ7ADkAdvg8WpWoi42-IqA6f0GuCTqFq3y_VJ16Do_PnIxnwnW4yQaAxLDhYyogCBH8QTFdJlCvbhAwQmUCAAAAb1IAAAADaAEHmQKyBodvndkYAHgl022wbw1-E1_QHurLa3Ibxcc5jrIBz_a6PxXRATCzl3P0arg3pCFLpWu79yBQFBhG83kSm1813UaN3DSLz3lxSz2X6NJvIsRnVf2UhtJsUxc_Ys0pcCKzHxoIMB0ckeu2_drFqMk4IwV7Z7rG-Cqkwf11eentYttalj6u0d1N-wGJfWSD4CgMjfMNDasnjhEN3O1kpyd8-rnXlKUO2tp8MpsWC57IdeuogzvEiN6r7sC0fCIgWkqGt9lMPDG6XLHjPjoNs3jQNVig4y-KfpuvLULZIcx47kMe-OxMiTesiPtdLYlYDX9NnH23gRbZ0rfz1sHdwLNK7jjNq6h_bePVYT9n2OHdYA7qaFYt82yW6G7vP-Dbd0U7_ULJ0w5mpH9ZZt8jsMCfXBhPhmuT266nobnWY9IwjCuerM-11mTtRbSBLqbFs0PpKtkY8pSJrrrss8Kf1p_MCkDhbhLC2eN44fnd9NeArAiNu-nc3QwSIhQNWkdDpif1dG8PYgJecY2Ln-T838_6b1115dTH1B5t6ZjlTm28Miajah8Vemff61EzkPIwp6QlzmUwgSau0FfKp5KEuylJc_hC-wVeekIX765Y75EldRkoK5HsqfuTZsWIlJoNJc8jIBlOTUXClSFI1no5OJDKW7EnuHX8DpeVEKjYdc2HH_oAG5Ukpb_-JRKMR5UDY0VIXpVhhg3dYBJhf06btg9_bZD8Wf9lyRLvVeCKVwxXIYXNURswX0CKZgMkZGu4bFwXnnb5bOsBLtAzVd2GdCXSiIoNmK20_LPrVbvZjwyaFF3mcmaZwywxMDufE8HneX0kc3ulsPhGJpDVxpt4g1HWkoJOXGYv3ULI-HYjBogR3aiO4zp4VQR92TQEboFWCySmSaNh7s1sAzlHq-whTkNIoYRb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

adagio.js
script.4dex.io/ Frame A89D
74 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:25 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
104575
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSdKmMQFJSOQCr%2FJ9aVFu7X917%2FWQlyZbx16AnM1%2Fkr4rJjFV6w%2Fc6ktYwNbqRllO1%2BxPkigKIl%2FnWT0X26SjXeeCvmwbRwSJ2R%2Fu3945ymUeFJdq%2BawNDwI3a1M0dgHXPrC0G5%2FPAigqc8K"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c795ae6297a043a-FRA
privacy_small.svg
static.criteo.net/flash/icon/ Frame 475A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 May 2024 06:34:25 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 475A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 May 2024 06:34:25 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 475A
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 09 May 2024 06:34:25 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 475A
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 09 May 2024 06:34:25 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 475A
43 B
347 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cCucj9VIhUcIU3L5OWi427cYQn8MIZVACiZEprRoCsUPlmSU6hIpcIaZf8yZ3l0zJrdGWax8XgZjDA5U3_X4mUgpfAZM7NYwqmsif4xULdB2M5v2LCgwN4hDsnhPVUO02difwo2jxbh9G7oMGq__5tpArabnHvw8h9YPvk_ItP-keqCtNTycEaGXPhMktT9NMXJ6_sRuRJlVQJbm_7gzFicijPJ_-EhjgLAPi6DDe3jmOFt85rZFXvdf5rMV4lfc_Ba5sPNHKB4nCqLYKrh42n5EgXkuT1r_lNDK5n6L8WQtn5r9869OfhEaY0iOdc5lyXjB6ck9YO073HqbLGziLxEj14K1zJFDyXwHrxrUYZZSLxFU4Ix0rCWvdpYOfGnhPav3apks0tjGK1QutQ__BYz811aC1lBDbiOElfQLZNAMjj61jLtgAXyGsTNtke8fbkowIdKTmsgqwvWFwI-16TLdHP8
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1933788
expires
Mon, 26 Jul 1997 05:00:00 GMT
e709bf0260ef4cb9a6a2f63dd1c3d52a_image_ad_300x600.gif
static.criteo.net/design/dt/98009/230424/ Frame 475A
95 KB
96 KB
Image
General
Full URL
https://static.criteo.net/design/dt/98009/230424/e709bf0260ef4cb9a6a2f63dd1c3d52a_image_ad_300x600.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3674ab1a2aa53d5ed8dcf402eed60cfc18c0bccf563ef2da5dee9a6488df31bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Apr 2023 09:05:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6446464a-17dd1"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
97745
expires
Thu, 09 May 2024 06:34:25 GMT
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame 945E
6 KB
3 KB
Document
General
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=198666&cb=6461d2718edf655af10fb14c688900a2&r=https%3a%2f%2feqywj.katerionews.com%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
528230b6f35e2225760e6ffbc79d3c06ae192515b74e44f04f2cbe0363ed8580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 15 May 2023 06:34:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2177183
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
all
csm.eu.criteo.net/ Frame 475A
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=S1yS61yOH8E7d4tR-NZwEB2r1BvhX2t3LAuHZ32B5aEvNrbvye39FXlZSzuDKJ2_iqPK-ITX0ZYlbBaMg8EaZgT9CvSbJ7C0MoWXG1lhndH0P0PdFRJ_Dt5qzX7s16kV3iNRNyf7DuvhmbP0SEcZWGXCvYdLuAAsfIRAhtVcwbpUOx3o14iYbuuUKSY_biQJUW1Gkp9vQ3MyCArsFM8YA-870-s39Zh60d3FroQyluGByK54EqwXGTMcxqE&sds=2&rev=86118.2&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 475A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 May 2024 06:34:25 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 475A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 May 2024 06:34:25 GMT
match
ssp-sync.criteo.com/user-sync/ Frame A89D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dZkfRMl96cUJzSVByUkYydEFQUngzZ090Ym02R2l3bWFQeUpDTkJJYTZYdUpRR0M4JTNE%26u%3d%24%7bUSER_ID%7d&...
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3DZkfRMl96cUJzSVByUkYydEFQUngzZ090Ym02R2l3bWFQeUpDTkJJYTZYdUpRR0M4JTNE%26u%3D%24%7BUSER_ID%7D&...
  • https://ssp-sync.criteo.com/user-sync/match?p=ZkfRMl96cUJzSVByUkYydEFQUngzZ090Ym02R2l3bWFQeUpDTkJJYTZYdUpRR0M4JTNE&u=AAD_GE7Iw6UAACAnIEAm2Q
0
141 B
Image
General
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=ZkfRMl96cUJzSVByUkYydEFQUngzZ090Ym02R2l3bWFQeUpDTkJJYTZYdUpRR0M4JTNE&u=AAD_GE7Iw6UAACAnIEAm2Q
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Server
2a02:2638:d::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=ZkfRMl96cUJzSVByUkYydEFQUngzZ090Ym02R2l3bWFQeUpDTkJJYTZYdUpRR0M4JTNE&u=AAD_GE7Iw6UAACAnIEAm2Q
Date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/ Frame A89D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=nErFZ19WajllRENNNXJLdnJQRDQ1cjdKJTJCWjNjd2NRblhaSHhXcEEyUHo5blk5b0klM0Q&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-sQJZfixjaKR31hxSLgOEzwjOCcbU...
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=criteo&bsw_custom_parameter=e5064afa-f659-44cc-9f43-67174998427f&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=06b33fa9-49c5-4eed-9bf5-e2e39b957b79&expires=1&user_group=5&ssp=criteo&bsw_param=e5064afa-f659-44cc-9f43-67174998427f&gdpr=&gdpr_consent=&gdpr_pd=
  • https://ssp-sync.criteo.com/user-sync/match?p=nErFZ19WajllRENNNXJLdnJQRDQ1cjdKJTJCWjNjd2NRblhaSHhXcEEyUHo5blk5b0klM0Q&u=e5064afa-f659-44cc-9f43-67174998427f
0
141 B
Image
General
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=nErFZ19WajllRENNNXJLdnJQRDQ1cjdKJTJCWjNjd2NRblhaSHhXcEEyUHo5blk5b0klM0Q&u=e5064afa-f659-44cc-9f43-67174998427f
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Server
2a02:2638:d::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
//ssp-sync.criteo.com/user-sync/match?p=nErFZ19WajllRENNNXJLdnJQRDQ1cjdKJTJCWjNjd2NRblhaSHhXcEEyUHo5blk5b0klM0Q&u=e5064afa-f659-44cc-9f43-67174998427f
date
Mon, 15 May 2023 06:34:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ssp-sync.criteo.com/user-sync/ Frame A89D
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dM5yKcl9vWVUlMkI2JTJCRVphSFZTQWZxTWklMkZHeHhtYXB2SmVtYjY1bmg4eVpodzZqYmpvJTNE%26u%3d%...
  • https://ssp-sync.criteo.com/user-sync/match?p=M5yKcl9vWVUlMkI2JTJCRVphSFZTQWZxTWklMkZHeHhtYXB2SmVtYjY1bmg4eVpodzZqYmpvJTNE&u=3ec48869-a3f4-41cb-9c0b-381a0880f266-tuctb5b57f1
0
141 B
Image
General
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=M5yKcl9vWVUlMkI2JTJCRVphSFZTQWZxTWklMkZHeHhtYXB2SmVtYjY1bmg4eVpodzZqYmpvJTNE&u=3ec48869-a3f4-41cb-9c0b-381a0880f266-tuctb5b57f1
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Server
2a02:2638:d::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=M5yKcl9vWVUlMkI2JTJCRVphSFZTQWZxTWklMkZHeHhtYXB2SmVtYjY1bmg4eVpodzZqYmpvJTNE&u=3ec48869-a3f4-41cb-9c0b-381a0880f266-tuctb5b57f1
date
Mon, 15 May 2023 06:34:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12593
csi
csi.gstatic.com/
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lhogzg3j&c=5392965397098&slotId=2696482698549&met.4=hvd_lc.lhogzg3i~hvd_ad.lhogzg3i~hvd_mad.lhogzg3i~hvd_admu.lhogzg3i~hvd_src.lhogzg3i&ps=600x338
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:804::2003 Boulder, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 291C
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-sQJZfixjaKR31hxSLgOEzwjOCcbUY0HtRHu5Tw&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.144.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-144-147.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 291C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-m4VIrixjaKR31hxSLgOEzwjOCcZeA9e81Do1YQ&google_cm&google_hm=ay1tNFZJcml4amFLUjMxaHhTTGdPRXp3ak9DY1plQTllO...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-m4VIrixjaKR31hxSLgOEzwjOCcZeA9e81Do1YQ&google_gid=CAESEJC8iZFKP8FbCZiWiEsgGww&google_cver=1&google_ula=913071,0
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-m4VIrixjaKR31hxSLgOEzwjOCcZeA9e81Do1YQ&google_gid=CAESEJC8iZFKP8FbCZiWiEsgGww&google_cver=1&google_ula=913071,0
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
683851
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-m4VIrixjaKR31hxSLgOEzwjOCcZeA9e81Do1YQ&google_gid=CAESEJC8iZFKP8FbCZiWiEsgGww&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 291C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7062505060153592632
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7062505060153592632
Requested by
Host: eqywj.katerionews.com
URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1028732
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 15 May 2023 06:34:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1a1af2fd-6d55-4b99-95b1-3b74d03e9010
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7062505060153592632
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
secure.adnxs.com/ Frame 291C
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-wl8JKSxjaKR31hxSLgOEzwjOCcZX-h75Zx-Bxg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:25 GMT
AN-X-Request-Uuid
068edd5b-832b-408d-86d8-e712c95689a0
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 291C
61 B
804 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-eTjjZyxjaKR31hxSLgOEzwjOCcYLhTaK37H3jw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 06:34:25 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 15 May 2023 06:34:25 GMT
tap.php
pixel.rubiconproject.com/ Frame 291C
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-32LoxSxjaKR31hxSLgOEzwjOCcYAhek6N8pCZQ&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 291C
0
361 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-F9dbfixjaKR31hxSLgOEzwjOCcZ0hRHy96QLmA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.66.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-66-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 291C
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-HaOMAyxjaKR31hxSLgOEzwjOCcZ7hi1NchX1jw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 291C
0
99 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-TE2RRixjaKR31hxSLgOEzwjOCcYWI-qPeXqwAA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12674
um
criteo-sync.teads.tv/ Frame 291C
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-YrhkGyxjaKR31hxSLgOEzwjOCcb-DRHQVS3aOw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Mon, 15 May 2023 06:34:25 GMT
pragma
no-cache
date
Mon, 15 May 2023 06:34:25 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 291C
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-4teHtyxjaKR31hxSLgOEzwjOCcZljWA-fX2-ww&dongle=013b
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 291C
0
323 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-UBpLQyxjaKR31hxSLgOEzwjOCcbPte7ICvRGcw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 291C
43 B
162 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-_qk7OixjaKR31hxSLgOEzwjOCcZy5dXE6mLfog
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
last-modified
Wed, 17 Apr 2019 14:00:27 GMT
server
nginx
accept-ranges
bytes
etag
"5cb7317b-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 291C
49 B
235 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-zKKGsixjaKR31hxSLgOEzwjOCcYlq85KBkT2cQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:25 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 291C
43 B
632 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-8Hid_CxjaKR31hxSLgOEzwjOCcbb1zJe6iRRRg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
demconf.jpg
dpm.demdex.net/ Frame 291C
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nxlCssJyZLBoR4ixkEX4zKbMzTGW77b9
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nxlCssJyZLBoR4ixkEX4zKbMzTGW77b9
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nxlCssJyZLBoR4ixkEX4zKbMzTGW77b9
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-08ae13595.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mmJAgXQTQMk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v048-0ec12bf84.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Acgp4K6BTgI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nxlCssJyZLBoR4ixkEX4zKbMzTGW77b9
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 291C
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-M-MdFCxjaKR31hxSLgOEzwjOCcbI7bIR6eQavw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 15 May 2023 06:34:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 291C
43 B
449 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-8kAgYyxjaKR31hxSLgOEzwjOCcZ_DXZ4BvqDlA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.128.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-128-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 06:34:25 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 291C
42 B
274 B
Image
General
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-UkC9WixjaKR31hxSLgOEzwjOCcYHbKSwupAYcA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 291C
0
885 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-cXu4fCxjaKR31hxSLgOEzwjOCcZGmhDSGgiRzQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.167.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-167-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:25 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 291C
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ErM5nixjaKR31hxSLgOEzwjOCcY_6-2S-vmWgQ&initiator=partner
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 06:34:25 GMT
Cache-Control
no-cache
X-TraceId
b4879fa38bbede28c87e5dbfb9240443
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 291C
42 B
582 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-rOgF1SxjaKR31hxSLgOEzwjOCcbtro3NqbCvNA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 06:34:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame 291C
43 B
400 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-ODoT7ixjaKR31hxSLgOEzwjOCcZBAdH9A5qvRw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:d169:7838:8d4:d3a9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 15 May 2023 06:34:26 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 291C
43 B
153 B
Image
General
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-erJKaCxjaKR31hxSLgOEzwjOCcZxZB8AU3h1Lw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.30
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 06:34:25 GMT
server
Apache
x-powered-by
PHP/7.3.30
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 291C
0
400 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-1hjblyxjaKR31hxSLgOEzwjOCcYsKJW9__YeoA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-16-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 06:34:25 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sun, 14 May 2023 06:34:25 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 291C
0
38 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-DjdMkixjaKR31hxSLgOEzwjOCcZaVwCzAz3hYg&pn_id=criteo&ext=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CYlkSPF0jqCnL3YUdj3%2Fs9DEsNmT3rgr08ridTeHhEq4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2gFWAbcleS0YYn8MLHHNtwWGFCevxDI6sVIw6zJZ134MKZaDldNsSbgzXEoJSo_vJ_4v6gZ-iiY30Q-wmbYHMrDz63RtBOHoQgi-y03Cjh7JsTOVIO5fIRjAvy_vEl23_fiaD_ETxNNah9Dg9j8thKFmmiXyw-m-7tNYw1mu4J8fVMVYetJDfkIlqhIHXK3XA7GHx6YIDpS0IrjODWlJASBCg9TcuhNoVFDzhoGYCtP_TYTiOyth8S2Dz_XE3TMEW7NA99wXtlhx0dbNdjSBoD3KOWTQnmi_fb3dvL0HFotv433clYIkq5RtfmyTyikbMIACGnxWNEOY5rkUTLLh7kje-2LbI_QGBKTDHXjPETsnAhZR_uykHnQo8RYpVk0uaOF9V9gbxf3LaMv_GS8eEfTxvddsHT3ZmQjnmju98r2OvxkwWlxKxw9GlelKGilRAx0IqZZ9eL18SJSuBxkfo0Yw-fpfZZA7kgXO2HOtLNHsOp9zdDEVtqxDd2HHbvlc0QwMZ85kixsW75wPq1h1FUgb-RAzqI68G2SVnsXmEaNgnG39_nL2a0bsOtpQdoMI28kdhnL3YzhgXQIUkDWmDHw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.13.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-13-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:26 GMT
content-length
0
multitracking
ghb.aplhb.adipolo.com/adunit/
0
232 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467814/hbw_master_741094_17335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eqywj.katerionews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://eqywj.katerionews.com
Date
Mon, 15 May 2023 06:34:25 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
usermatch.gif
beacon.krxd.net/ Frame 291C
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tTIqTmfV7jJ8WylCo5vJFCkJ2O9wVA7a
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tTIqTmfV7jJ8WylCo5vJFCkJ2O9wVA7a
Protocol
H2
Server
3.248.4.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-4-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
beacon-n008-dub-prod.krxd.net
date
Mon, 15 May 2023 06:34:26 GMT
cache-control
private, no-cache, no-store
x-request-time
D=154 t=1684132466
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tTIqTmfV7jJ8WylCo5vJFCkJ2O9wVA7a
date
Mon, 15 May 2023 06:34:25 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
825696
content-length
0
cs
s.thebrighttag.com/ Frame 291C
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Oiy-4gLMC1AVNs8R1HX7aIW6FriYQVv7
35 B
268 B
Image
General
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Oiy-4gLMC1AVNs8R1HX7aIW6FriYQVv7
Protocol
H2
Server
3.138.71.54 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 06:34:26 GMT
x-bt-requestid
89b34650-f2ea-11ed-b5f7-0000ac17030f
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Oiy-4gLMC1AVNs8R1HX7aIW6FriYQVv7
date
Mon, 15 May 2023 06:34:25 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
938625
content-length
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame A89D
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eqywj.katerionews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:34:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 May 2023 06:34:26 GMT
/
pebed.dm-event.net/ Frame 4871
15 B
363 B
XHR
General
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4581297c3e0fb53a3eb4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.2 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Mon, 15 May 2023 06:34:26 GMT
Server
edward-ed/2.2.2
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/track/analytics/adcall.php?id_site=22469&id_format=24&id_device=1
Domain
waaw.to
URL
https://waaw.to/ad/api/popunder.js
Domain
waaw.to
URL
https://waaw.to/player/embed_player.php?vpn=1&vid=1
Domain
track1.aniview.com
URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=eqywj.katerionews.com&rs=eqywj.katerionews.com&sid=3380&t=1684132458&cip=185.213.155.146&sn=&tgt=1&osv=10&bv=113.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5ef4bc022e79664d2b473869&test=&d64=457386a273d3c540db849c51b6a3ba15&d63=457386a273d3c540db849c51b6a3ba15&aafaid=&proto=https&uid=1684132458537-966106332148-001204-005-006940&cha=0.05&stagid=&stplid=&d35=&d36=6.2.98&cb=70628946280&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 boolean| credentialless function| $ function| jQuery object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| wpAutoTermsDomReady object| icwp_wpsf_vars_lpantibot object| iCWP_WPSF_LoginGuard_Gasp function| create_pixel_ad_sw function| getRandomInt function| insert_script_js function| insert_stylesheet_css function| insert_check_script_sw string| content_script_dar function| insertAfter function| sw_script_async function| seq function| scriptsDone function| insertScript function| runScripts object| sw_script_passback_type undefined| sw_stop_stats string| domaine_sw boolean| sw_stats_video string| sw_consent_string object| swv object| wpcf7 object| sm_tag_tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c object| googletag object| gptAdSlots object| interstitialSlot undefined| staticSlot object| anchorSlot object| vmpbjs object| vpb object| adipolo object| time object| apstag object| vmpbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent boolean| apstagLOADED object| apscustom object| _aps object| ggeac object| google_tag_data object| _dmpesplayer function| _dmDynamicImportPolyfill object| dailymotion undefined| google_measure_js_timing object| google_reactive_ads_global_state object| Criteo string| config_corner_video_json boolean| sw_imp_corner_video object| canAutoplay object| closure_lm_639883 function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| gaGlobal object| closure_lm_608955 object| playersAb function| NewSMPlayer object| google_ad_modifications object| google_prev_clients object| closure_lm_459241 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_134 object| Criteo_prebid_134 object| sw_player_dm_x80idv5 object| event_noad object| GoogleGcLKhOms object| ADAGIO object| invibes object| realvu_aa_fifo object| realvu_aa number| boost_poll object| google_image_requests object| _ADAGIO

116 Cookies

Domain/Path Name / Value
.dailymotion.com/ Name: dmvk
Value: 6461d268b7b4a
.dailymotion.com/ Name: ts
Value: 953616
.dailymotion.com/ Name: v1st
Value: 57a8aa54-71c4-4cfe-af38-8243cd3a9029
eqywj.katerionews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.katerionews.com/ Name: _pubcid
Value: ee1a010d-8556-44c4-9d35-d1bbfb9f456d
.prebid.a-mo.net/ Name: __amc
Value: 1_1684132456_1684132456
.spotxchange.com/ Name: audience
Value: 8434f3ec-f2ea-11ed-802b-1f932c7f0006
waaw.to/ Name: uid
Value: EfAyIx9QC36chYB*W4XTLTNl957kO6cp
.doubleclick.net/ Name: IDE
Value: AHWqTUnpz9deF38KZfbtHLouYex0h9Mhe4YKoExJiTjI6gMbMZE_LNXQLH3M-iBJpFc
.katerionews.com/ Name: __gpi
Value: UID=00000c15a859b47b:T=1684132457:RT=1684132457:S=ALNI_MZmx8bWl0OM1B6CUucaUW_qbJIgyA
.katerionews.com/ Name: __gads
Value: ID=ec0379141404ca4e-224b7ba3d4dd002d:T=1684132457:RT=1684132458:S=ALNI_MbbxTW3mlRQUeuppWxH8CvnxaQdlw
.aniview.com/ Name: aniC
Value:
.adnxs.com/ Name: uuid2
Value: 7062505060153592632
.csync.loopme.me/ Name: viewer_token
Value: d3a4721e-7984-4c0e-96f3-c849e4754319
.ads.stickyadstv.com/ Name: UID
Value: 6e7cdac7f718e1accf935222f35b498
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 709f027884222a00
.aniview.com/ Name: 1_C_200
Value: OPTOUT
sync.aniview.com/ Name: 1_C_200
Value: OPTOUT
.rubiconproject.com/ Name: khaos
Value: LHOGZFF0-6-K7O6
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpZR+3J75SsD9b+8mjCvW7WQZ1rSld0tib5S2o5xJ+sO0L5awWL5rEw7RQXdHG6gNqIrbQLRWeIDyYbB5SW5XQ3xGZYjkQKTLSma+WVcS1g3g==
.yahoo.com/ Name: A3
Value: d=AQABBGzSYWQCEPXwj4osbiIobjUveB8n2sMFEgEBAQEjY2RrZOANyiMA_eMAAA&S=AQAAAnsVBW_GhVXBy_26B7fbLaQ
.casalemedia.com/ Name: CMID
Value: ZGHSbN7sFlbIJxRK63vT8QAA
.casalemedia.com/ Name: CMPS
Value: 5183
.casalemedia.com/ Name: CMPRO
Value: 5183
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjMxMTE2NwAyhPgMdcu9_Z3cfUtD8w2CvAAi8QYuJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmFiaGxkYmZgaWAKAKvNQj4QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjMxMTE2NwAyhPgMdcu9_Z3cfUtD8w2CvAAi8QYuJQAAAA
.smartadserver.com/ Name: pid
Value: 1350542721399933549
.gumgum.com/ Name: vst
Value: e_25e8b37f-59b0-4390-af76-7cb7cbc85db8
.lijit.com/ Name: ljt_reader
Value: GpfKARZHWOPaTxP6RkGCnPoY
.servenobid.com/ Name: pid_312
Value: 7062505060153592632
.servenobid.com/ Name: pid_327
Value: ba596a21-f2cf-4506-b936-f44005f70ce3
.servenobid.com/ Name: pid_353
Value: 0000EEA
.bidswitch.net/ Name: tuuid
Value: e5064afa-f659-44cc-9f43-67174998427f
.bidswitch.net/ Name: c
Value: 1684132461
.bidswitch.net/ Name: tuuid_lu
Value: 1684132461
.servenobid.com/ Name: pid_324
Value: 5124322326444370326
.servenobid.com/ Name: pid_317
Value: 1350542721399933549
.servenobid.com/ Name: pid_333
Value: ZGHSbN7sFlbIJxRK63vT8QAAFD8AAAIB
.servenobid.com/ Name: pid_339
Value: y-CPALOV9E2uHOmrppWzfXortDSn3pxreeBpDNYhs-~A
.servenobid.com/ Name: pid_337
Value: y-CPALOV9E2uHOmrppWzfXortDSn3pxreeBpDNYhs-~A
.turn.com/ Name: uid
Value: 8201070212447686353
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-51b3b8b4-c9e4-3476-94aa-9949837be7a5
.servenobid.com/ Name: pid_309
Value: e_25e8b37f-59b0-4390-af76-7cb7cbc85db8
.openx.net/ Name: i
Value: 49e88efe-2e29-4d74-b3c9-1043b3e29b42|1684132461
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003%22%2C%22nxtrdr%22%3Afalse%7D
.criteo.com/ Name: uid
Value: f284b9b8-f563-48be-83f6-e03a83c2b56a
.servenobid.com/ Name: pid_310
Value: GpfKARZHWOPaTxP6RkGCnPoY
.mathtag.com/ Name: uuid
Value: 8c7c6461-d26e-4000-8ddf-5ebda9ff0433
.servenobid.com/ Name: pid_346
Value: ua-51b3b8b4-c9e4-3476-94aa-9949837be7a5
.brand-display.com/ Name: _knxq_
Value: 38a5f184-94f7-c6b8-2393bdea.1684132461.0.1684132461.1684132461
.creativecdn.com/ Name: u
Value: CAlwCvVEjpTy5orMAo2m
.creativecdn.com/ Name: ts
Value: 1684132461
.go.sonobi.com/ Name: HAPLB8S
Value: s8755|ZGHSc
.360yield.com/ Name: tuuid
Value: 60214c66-21ed-45a3-a225-dbd78e0721fd
.360yield.com/ Name: tuuid_lu
Value: 1684132461
.smartadserver.com/ Name: csync
Value: 79:f284b9b8-f563-48be-83f6-e03a83c2b56a
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-faa4deea-7eb5-424d-b4ce-bd89ac87ac9a-003%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGHSbQAKHGEBrQBS
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.outbrain.com/ Name: obuid
Value: efe69f73-0fbc-44ac-902d-730475e28d28
.adnxs.com/ Name: icu
Value: ChgIqYdmEAoYAiACKAIw7aSHowY4AkACSAIQ7aSHowYYAQ..
.ipredictive.com/ Name: cu
Value: 1fe4df1f-79e7-424d-843e-a98874fd718b|1684132461508
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9b39b16f-72b6-5a09-7ee3-43059088ebc4.AvWvseaN3SUPgmsPxz8SaXnGY1AiKGRNh%2BJTe6IvhEY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Amzmxb3K2Wgl-40MFkIjrxLnVm5I.1iZ4VIUDevCOYU66XqgTvZNG2wgU%2FuxtXAvNgBN3JAA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Amzmxb3K2Wgl-40MFkIjrxLnVm5I.1iZ4VIUDevCOYU66XqgTvZNG2wgU%2FuxtXAvNgBN3JAA
.zemanta.com/ Name: zuid
Value: SuLxhhGJAjRzb0rmI-7i
.linkedin.com/ Name: bcookie
Value: "v=2&1957e474-90ad-4f5b-8fd7-01a0c83544a8"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODQxMzI0NjE7MjswMjHTbM4BQVYRwlv7ivSe1R2KrB6+osJ99/n4hnm9/P1vAA==
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2935:u=1:x=1:i=1684132461:t=1684218861:v=2:sig=AQGq-CUQjuLwtDb0KXfoJB2YJvJn2Ru7"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AyHf2LRhR0Uzm9fQL2uF_14
.dailymotion.com/ Name: usprivacy
Value: 1---
.bluekai.com/ Name: bku
Value: ikG99sluRVuZi1Gj
.bluekai.com/ Name: bkpa
Value: KJhz06+FQM9z9wOwDtdTIa5yaf/youN5Y0G+PuTng6pZRTqY1Fp600TffwpnqtqqFoAOU30K7+FSEy4h4EoHc7pLcIVXr6qm3oN6E5Ntd37FfhqC99aOx13acVdP2BaziN+4EvFwvy/0tvSpTbNYx1gn6J0naQsoiLrknvgpfXmAH7QEFyYnkCFaGAw3rDnJns4DWTZDO83T/oRrsOO3WfFZ7b21rODQ18wvUOhkgmASv0SNjdTKP6prM0pzXktRSyDSjl0doe+R1XTeGfDYsHNjiaX865iAUsPJFe6WuXVE4sKGhN6SZCHWBcZFf86d7yptf5bNU6DNIQFczUTs9/mUU5z=
.videocdnmetrika.com/ Name: _ym_uid
Value: 168413246333813388
.videocdnmetrika.com/ Name: _ym_d
Value: 1684132463
.videocdnmetrika.com/ Name: _ym_isad
Value: 2
mc.yandex.ru/ Name: yabs-sid
Value: 1057767751684132462
.yandex.ru/ Name: i
Value: BxQIs+CUe9MIP49ZvlP75GHdgVFIBOolSZxAcYdW+OqTfedgSKi1bCApJmDjGHVns/AHlJBML25DjqpB/ocq5n3pGyc=
.yandex.ru/ Name: yandexuid
Value: 9404921741684132462
.yandex.ru/ Name: yuidss
Value: 9404921741684132462
.yandex.ru/ Name: ymex
Value: 1715668462.yc.1684132462#1715668462.yrts.1684132462#1715668462.yrtsi.1684132462
.yandex.ru/ Name: bh
Value: KgI/MA==
.katerionews.com/ Name: cto_bundle
Value: VSnP619DSjNnZSUyQjYzR0x5T2dkTVYyU3FEVWdNcTk4ZyUyRm5zQ0NLWUVwMklhOG56UiUyQjkzc3ZuUGJxM2k0UVpZMTNZWDFqSTM5TmR0OWhkZUllNHRjVkgyTVFDZFgwTDZkWW5SZyUyRk10T1c2JTJGaDVIZ0pqZmZ2QXY3cUpGd0RqQzVqdUc4b1hpTGhpd0tSaHlNS3lzN2lLQm8ybE9RJTNEJTNE
.nrich.ai/ Name: _nauid
Value: 06b33fa9-49c5-4eed-9bf5-e2e39b957b79
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2E?jEHb-d!A#FR.TSyx/AFZ3=0`_Q7RKAc74LMgi9$K'3ZbnI0k-`k[baNc6F<UY5tJI0[cBA>/%o0jT7qp5(j#iP(Md+>)fy+'i5OSv
match.sharethrough.com/ Name: AWSALBCORS
Value: 59eKBSuSLIsO71t2fUvLnXZ01LzcHxi0igXN+M18MH5lEDYAWJlyCYIJYCxF+Fq0ddkpAssOst9dB4E7PPrcbS7IiJ4ovyiK+Wz70U/fG+9Q959khEpaMfSZJfeV
.analytics.yahoo.com/ Name: IDSYNC
Value: "198o~2bni:18zh~2bni"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.360yield.com/ Name: um
Value: !38,eOlo41XBPJzUji17drVOUJIzFkF9gvpcGSGkcT9jWl-nxu3qelDCcFjRn5fQZaAxGFQMJYBz,1691908465
.360yield.com/ Name: umeh
Value: !38,0,1746340465,-1
.media.net/ Name: visitor-id
Value: 3271340658395486000V10
.media.net/ Name: data-c-ts
Value: 1684132465
.media.net/ Name: data-c
Value: k-eTjjZyxjaKR31hxSLgOEzwjOCcYLhTaK37H3jw~~3
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%2289576ab0-f2ea-11ed-bdb2-af2abffd2a6d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2289576ab0-f2ea-11ed-bdb2-af2abffd2a6d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%2289576ab0-f2ea-11ed-bdb2-af2abffd2a6d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2289576ab0-f2ea-11ed-bdb2-af2abffd2a6d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-cXu4fCxjaKR31hxSLgOEzwjOCcZGmhDSGgiRzQ%22%2C%22version%22%3A%22criteo%22%7D
.bidr.io/ Name: bito
Value: AAD_GE7Iw6UAACAnIEAm2Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-rOgF1SxjaKR31hxSLgOEzwjOCcbtro3NqbCvNA&KRTB&23144-uid:k-rOgF1SxjaKR31hxSLgOEzwjOCcbtro3NqbCvNA&KRTB&23286-uid:k-rOgF1SxjaKR31hxSLgOEzwjOCcbtro3NqbCvNA&KRTB&23287-uid:k-rOgF1SxjaKR31hxSLgOEzwjOCcbtro3NqbCvNA
.pubmatic.com/ Name: PugT
Value: 1684132465
.demdex.net/ Name: demdex
Value: 43113080442855285053381134048597687181
.dpm.demdex.net/ Name: dpm
Value: 43113080442855285053381134048597687181
.krxd.net/ Name: _kuid_
Value: PjizQy82
.tremorhub.com/ Name: tvid
Value: 1c97d255ff3b47b7be13457143f070b1
.tremorhub.com/ Name: tv_UICR
Value: k-ODoT7ixjaKR31hxSLgOEzwjOCcZBAdH9A5qvRw

13 Console Messages

Source Level URL
Text
javascript error URL: https://eqywj.katerionews.com/hot-news/?data=def50200b88fb298bfdcbb13985392caadeea69cc9163d2d89d87f450889750e3bfb56035ec4e2111eb0a143e5518356fd126b9afbb5a8a98f15b33158b9af8b5ee836a7aede83ba293bdb6a2c035fdf20caeefaf7871fcccbf6f1c97f96e0c9b6c763f2ec5063cfa85421745ea8bcbb52badeb100bc1b134630ab4bd0a618db788936bd0a5b11ec39c5da4308d0b8af4b013f0924878aa551ffe16b3f44ce06af8cd0beacd80cf59db827d78a3494c5c499e6601713d50a49d3ebab03680c5171de8624e48e1c83ec3b4bf180dae94d608bacdcbfec645b027039a627cac1e01ae992ac4fef8e67872d46b90796ff5f6c152037d1130f2caf0ac9006cd5efbcbfbb07f1bdcf1126cf6ea286efd0719def7dbcec8940be246abc5206d1b347c96859983f2cb781ab95f7dcaf5e074dd85bf59d47c24391a21b5d1c8933943637af83eb14dbf964d882dd4a6445d4a227c7e9731d390f5a7c560dec7729a4146ae604e5a11cac1dee60d7ae2f40a2ae5d664583cfbb6e9aa2e0bd82c02d63a24c50484fe924ef1e07eaf6a91a3410fdebecea8a42dbdfae43e1adbe41679c8f0579fb14c9a0b86b6a0eb85f40e858aaf1ae920cc49480ffd59c37c3d1e5b28bb60e0ddaf1d65b81875660c9f08bec6402c997f4
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/track/analytics/adcall.php?id_site=22469&id_format=24&id_device=1' from origin 'https://eqywj.katerionews.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'https://eqywj.katerionews.com, https://eqywj.katerionews.com', but only one is allowed.
network error URL: https://prebid.smilewanted.com/track/analytics/adcall.php?id_site=22469&id_format=24&id_device=1
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 464)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://commentsmodule.com/js/js.load.1.js?4487228859782182
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://geo.dailymotion.com/libs/player/xa2et.js(Line 56)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
other warning URL: https://static1.dmcdn.net/playerv5/dmp.photon_player.10ae2b2d193ea2ccd438.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://waaw.to/cdn-cgi/trace
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://testingmetriksbre.ru/netu.php(Line 3)
Message:
Unrecognized feature: 'bluetooth'.
other warning URL: https://testingmetriksbre.ru/netu.php(Line 3)
Message:
Unrecognized feature: 'document-domain'.
other warning URL: https://testingmetriksbre.ru/netu.php(Line 3)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_25e8b37f-59b0-4390-af76-7cb7cbc85db8&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js(Line 8)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://geo.dailymotion.com/player/xa2et.html?video=x80idv5&syndicationKey=273773&mute=true&ads_params=main
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
a1fb36eb5e79c4c336a78c85999d0db3.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad.yieldlab.net
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
commentsmodule.com
contextual.media.net
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.iqzone.com
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
dis.criteo.com
dmp.brand-display.com
dmxleo.dailymotion.com
dns.google
dpm.demdex.net
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eqywj.katerionews.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.dailymotion.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
gov.aniview.com
gum.criteo.com
hbx.media.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
jscdn.greeter.me
katerionews.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
mc.yandex.ru
mug.criteo.com
odr.mookie1.com
onetag-sys.com
optimized-by.rubiconproject.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pebed.dm-event.net
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
player.adipolosolutions.com
player.adtelligent.com
player.aniview.com
player.aplhb.adipolo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
proxy-045.dc3.dailymotion.com
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
r.casalemedia.com
rr1---sn-5hneknes.googlevideo.com
rtb-csync.smartadserver.com
rtb.openx.net
s.amazon-adsystem.com
s.thebrighttag.com
s0.2mdn.net
script.4dex.io
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
serv-selectmedia.com
simage2.pubmatic.com
speedtest.dailymotion.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
st.pubmatic.com
stags.bluekai.com
static.criteo.net
static1.dmcdn.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aniview.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags-videos.smilewanted.com
tags.smilewanted.com
testingmetriksbre.ru
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track-selectmedia.com
track1.aniview.com
u.openx.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vast.aniview.com
vendorlist.dmcdn.net
vid.vidoomy.com
video-ads.rubiconproject.com
videocdnmetrika.com
visitor.omnitagjs.com
vpaid.pubmatic.com
vpaid.vidoomy.com
waaw.to
widget.nl3.eu.criteo.com
wrappers.geoedge.be
www.dailymotion.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
prebid.smilewanted.com
track1.aniview.com
waaw.to
104.102.35.84
124.146.215.49
141.226.228.48
142.250.186.98
147.75.84.158
151.101.66.49
162.19.138.118
162.19.138.82
169.197.150.8
172.67.10.198
176.34.128.152
178.250.1.6
178.250.1.9
178.250.7.11
178.250.7.13
178.79.242.16
18.159.144.147
18.194.110.75
18.66.112.30
185.184.8.90
185.239.173.226
185.255.84.152
185.29.132.241
185.64.189.221
185.64.190.78
185.64.190.80
185.80.39.216
185.86.138.154
185.94.180.124
188.65.124.59
188.65.124.66
188.65.124.90
188.65.124.91
188.65.126.210
190.115.19.71
193.0.160.130
198.148.27.139
2.16.186.16
2.23.197.190
2001:4860:4860::8888
2001:678:cb4:bbbb::11
205.185.216.10
213.19.147.45
216.52.2.39
23.201.255.110
23.21.77.250
23.212.88.20
23.215.16.120
23.35.236.188
23.35.236.201
23.56.202.187
2600:1f18:612b:4280:d169:7838:8d4:d3a9
2600:9000:223e:8c00:2:d490:4d80:93a1
2600:9000:223f:e400:1f:4c18:bd40:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:20::ac43:4bf1
2606:4700:3033::ac43:8aeb
2606:4700:3037::ac43:aa2d
2606:4700::6810:7aaf
2606:4700:e4::ac40:a910
2607:f8b0:400f:804::2003
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:801::200e
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2006
2a00:1450:400e:10::6
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::7
2a02:26f0:3500:595::2c79
2a02:6b8::1:119
2a02:6ea0:c700::10
2a02:6ea0:c700::19
2a04:4e42:600::485
2a05:d018:d29:3601:d7cb:5937:4ade:2566
2a06:98c1:3121::3
3.138.71.54
3.248.4.155
3.75.62.37
34.107.214.50
34.111.151.213
34.117.157.22
34.117.33.6
34.160.236.64
34.247.205.196
34.250.118.165
34.250.48.151
34.95.81.168
34.98.64.218
35.186.253.211
35.214.153.92
37.157.3.28
37.252.173.215
44.206.122.152
45.133.44.3
45.133.44.4
51.255.68.171
51.38.120.206
52.222.208.154
52.222.209.4
52.223.40.198
52.30.242.179
52.46.128.147
52.49.215.81
52.57.167.241
52.59.66.197
54.194.11.185
54.205.93.130
54.211.104.237
54.225.103.173
54.235.234.56
54.239.33.158
54.76.13.171
54.80.185.211
64.74.236.159
69.16.175.42
69.166.1.12
69.173.144.138
69.173.144.165
70.42.32.95
76.223.111.18
77.245.57.72
8.2.111.13
8.43.72.98
80.77.87.162
85.215.5.31
95.101.148.20
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
032f68a2c878b1ddcf04bc6aee774a8ea165de501cf2e37b2a701ff7e01f6870
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c28a97e6d5b7ad0e007763bea847ae2867c1ef5a426d04bc6a07caf54ea1f7
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0ec5b8ef463873f76f8ad68243a7943f3e5d9627c0e033d5ae08b95910350b
0f5c7a7fa9d3024dc2ca19a856ea61d7d31c9a82743dcabd61ee3bce7c26147d
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
17997f1a091040fd4917dc1acffc708b66ac2caede39a2619b03d5cab4801166
183ec2e1c7754f34bfc550f60cedba4553d7de4f6f8e9df3ab1e947dad0b97a9
184f716d8d9ebd697c7dce0b2e76fa56fafec48daff5cb5bf558b0e9e0622e40
18e9ccbc67754abad217ae76d948206f225b8ce9baf6687ce64f1844e9fd10ef
19d5db70a2d32ec4442f2493b20e5ccd416a1b72b29e1b041149ee1115c88a57
1a4c150d2e5c0aac609c6ba139fed94c48ff61894df87eebe5f98564ed00e583
1b6d3eb6c61dbc3983ce0842d475d4c4e6174c9ac87baefec2e4b3ea11284d04
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1c6a02c929c61e2cbc3b7ed13d56ba53cd3508d986c42853f432e2b9b67492e7
1d85956e60f098d0e36bd9c3e3457ea595d083561c95edf8ddffb37a577dcb55
1e89034b59683eade7e285ec3d5369f1c9c94931485443d02e8dc5909157b004
1f8696a278ea0b75f3f71619645651d9af13ac3959f18f888464f3b805534ba4
20297bd522e226f15407572bb3331b78fc12e306fe85d716a1f0c935f68df51f
20b608e9acc2503aa48a61182c4ccac4b95be292e5df01776dc1b61012e30c8e
22441c926b4139bec035dd7ee92e43134328ca6c1fc1ed204476f0a80b964cd8
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
226d63070977daaa2f82aad016a0207efaecfe2b818a4373b4675a0e1b5d0345
23ba7f6d6b7429f5b450ecbe67907f7f384e9145d846664daa7dd4682a0787b9
2581ed2d4bc43877fbd2f16ea5da6db6a3e798f40f79facf61d93d9ced68fb19
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
283b80e955b55d85b258f43bb361ff43aff7f6bc6525228bd168b1acf749070b
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
28b061905058b158a72cd1956f0ab8f9fefd5769031efa7e9e179f5df75502c1
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2937afada54f23175669f7f8c41801f0de537707dad7d309b31d61a1f5559d8b
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b9882b1d4950f6e9ec65efbef9636a76a43b423302695035cf88b8c44474acd
2d230b0c420f85b1a5024fc55cb97b64f5a4919a19f20f9fca856fe5972bada0
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f7bafa8c851ebd19002c6800701bad1729c46307ec72ef33ef8d6be928a8753
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
31185c8b5e4ef1a9e83fcb0b1c82d60a32f4553a9bd4325639922b94a2badcb8
3278dc214a7ce0f416b7cdcf436537508aa95be0b953bf98c9272fdac2fc9d79
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3674ab1a2aa53d5ed8dcf402eed60cfc18c0bccf563ef2da5dee9a6488df31bd
36f94bb3b6ec671c552607da23527c6a08e2453f00e7b6c2941fd6b278ddd00b
392d77cffdff39dc3f1a1b0f8f75dc53a84b0329bdb9d43908ead698ed004e9e
3af9d7b861c124a7438694ae9a96c58d9ae88785afbd66b44ffc2789bf6a849c
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c5eaeadeae2ed0bb83f2c5afa942cf6a48c5f6736e55bc85b65dfd99fe8e846
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffcaf1952587ab361109eaa43bfc5d1cb964cc5f639f5487eef6101daafaff4
407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7
43cf947b8b7cae654a40eb72005b289d2e2c7b4107b312a65029997bc8fbd56d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4424acd23ea2142e2b60075703aa8a3df1ef3aee192807e3da9ffb3f3d9e7fda
458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc
45bc2ebb82341b0beb20bf20f0318c5f520e782e2c23da5280d26ab94e046013
4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
472c6cbba96888170546c60275bbbdc10ce7ce297489deb283d1d4db8a7e5d75
474776eb17d0e4ca038f4994076ede6f4017ecdf91eff0d3d074c3b7bb6a5a97
4845a5b19380a0700abe45089b8ff749e993af40683d817c4717bcc193d421e1
4865394c997ec6daa7530ce6d4e6c21e149a09d8d7058f0ffcc7a7771e36a6e4
4a196b3f9f8d9b123d9f7e1d35a5dd11a4912f2638316916e5bb2a0d43f6ef9b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca967a334cf8ed383014265fb71072c274c27e42caafceb3da90477ba1a4a7f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eab2eff2d1b563fef614caf4ea8054c48bf0d435a6e0a4c93281af5345f61ff
525fc0f0bbae2989ae5c6c462203965b22f0a6aab3805038c4050f6e0000201c
528230b6f35e2225760e6ffbc79d3c06ae192515b74e44f04f2cbe0363ed8580
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
531278a3ace8dcd7e7c86086a174d4779bd1c1042e51798e6801aad0cb96f766
5480fc596dda1a851a385048fc9952f59b0fa46286267ca80bbccfa6a580fa9d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5624a88713c68344740b801d8dab70d5daf32d5c1636fa151197dd69839b7be3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712
5836e342b13c5e478c0587befc676af479166eefb14a1887f73783f2716cc31f
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5b3d371d468b3c78f4f75bb0395c0335eba859ecb6c9a66c0b4a6f8002f5a1c9
5c1df6b8b8400f77a0057374d202cfc2f4d71eeda679691148f7b8482db8e76d
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984
5cf86ea3904f96ce75441057cc58106eedc9f049d34e2a7ed5023a87d916ec6a
5d88a09aa109b7bac1e729cd73e9272423b7e43d3c5af2fa3716c512f2f51d91
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
60eb7f9a105f812fdae22991315fc6ffbfb10c35690c2fd089ddccefc55057c7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632132c2c0ceec6d89d832b18865c1d622472ea793213019cf1714699cd013cf
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67033b6a599c714d8f8890117430cd49030ad32a2906005b2248532163f10e1b
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d5f9ebd2914b0131567c5cd6b16f2c7cf21694e8d9be800c8436b6bad12db53
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7724e3d047bd094825f7e457996cb1f75a8fae6f99b38ae8a68baa65d667ed6a
785b3c6cc775a90a0c69c4ca9228dce8d19e91fdbea991ce3ed438f3e77e38c2
788e83f577fb6cab6cbea678a8fa56ec24dcf960108971fa2f6d7f61bcd414c1
789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a5e40c41a359f601b100331ed08088e4bfec229c2b9cc70c67ae27fb642dd3b
7b6f1dccfc0e8dda865993cb2078daea1d74b19c7d74b06155fc43a6481b1dc3
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7f5120653ae4d93ed7e2c99e55ae575522c3cc14908e5c1a91d301f88ef74d56
80d3da84d93b3bca156a7a356f3a739edd4a6a15cdcfd60c8d058f4322d6e526
8158ef9b95cd261be4d1ae9495472c1ce8e470c43d1a782367ae24d0d5aac39a
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
824b856ba4cfec276cdc77b2f33fb95a5fe9082b982b697f463f7b46ffbbbb23
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82eaf517e5fb5d1444558c84efe22d9fd3c6c20a2bc124484df797a3779db6d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e91914f886619fc86233b80949e6734c17c0f6c3c169aa2c4847d7f04fed86
851f07728f20f097bea1cd996b80ea9448e4a695b5d16503ba445f77f8ed5560
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
887339722f8f23241256859c5ae29f97e1b1a740e2f5c8d631c8369d48efe3f9
889727ca9e58ccddfc9c0df7031ea9b5fd19b42a15286cc5c380eef5bea350ab
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bbed2b8ca4e0a8532496fbeaac3ba7f97c964f5ccf704224da0263e79f9a185
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e20317c5f13ccae4cade19399ac549a443cfef0263c520832c6d491b0dc4117
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
937c3f261c7776b7264c9a0fcd2b2ffa585905cf783c130b6aa909cb33ce4bd8
975021afa1047e3ff95663bec51055dcccb9fb3b542dafac4293fb2e0eb1897d
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a55287e2b8125e31a6a71700a12f4600a5b5b76766400003c371919e4da466f
9cee03cab156eb46062ee87ba8cc14f0e04d34c86bc40474c93cca78ab05085a
9cfa1fa1186f1bea7c08fc2de38d413cbd11e706504fc7739efc023e0df34050
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5bb06f7aad58dfb341479a6b2e90feb35288b9f7b4c0b31cfce85c8bd2b4966
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa14289548c31945ef9ba83d88314ebe10e3de6e1e619fc20033c99efd60be58
aa933cc3d88e3079d4d09b2ebe9258485111beb2369f99540fef5a8f8b9add7d
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b7e64e5f08381aeefcf26852adc8e4212a37783f7161b0f9e229d7a46ccfd75c
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc407b6b3fbd5020ef439472c3adb6aab02e76066e1aa040d2f47ea6a5c4e77a
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c1e73f8f646a816e70ed819bee6c37bf1f01f29e11b273e14711b5b5831443d5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c84610f1791a022a8fba661dab5ef6adb6d2305f704d5a88dc28fae6b29ae49b
c8a2e26051508d58bf9fd678d53238d1274420fa683ceb393d1c41b8df65abb0
c8d7ace64894d227e9a65ae13f7fffa8feac2de602f7271e2b6b5c0c0f1e4823
c9551ff3b8ac9719180578dc3714daa0287524ff826b1d00fcc461cc6233fe58
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b
cb38f5bea71951c90c392e31dae6d409932b0bb3a59426e3414261bc1673319d
cc0db0297d1c3aebb37d57589a3a4173d57037d784a5e53435e6af47b226b3a3
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a
cf9975742e815c4d3f5c33d9c18f09681b2ed299025ed022973ff91a18e9fec6
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2f759732212e67ffa0b6e9b3a2107d4e4b37adfc249f02d5247013a1533283a
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d5cc76ca75c8dfd1f7de9fc1c14086ad4bded8ecdc82a091a890636a63f25c82
d874ba7d932f73df5bc8501b80fdc1afeef566768248b7f06e392571f562b8ad
da44646f2878b555f954e40049ebe013b17358c48caa69dc0cb5292e9e1e595e
da668ad11dd15f5219fb90f60691312ca692c398ca9d69dc3d8a0b77f83e7c90
dbc793cdac7a8b2818b7e7be3ffb60f3824caecde7e8ea271c800e2d14f60021
dc3e5b363ee720089ba447abefefc3354882a3c290c187e19c221cce88dc6754
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddf8be177e7b79aaeb98ffa04b2c4f8a1c05058cb59a55387ad22612c968ee32
dfd8bf00cc57b6f60e742c4465d8f7c2099c71dc9e33d424fc23dc307e491006
e04d0598c51e29073fcb36a81ab4db31d5e90875dacd0ead7be1e56aacd02632
e06d127b46a9e51866d04fa8b8c33485107dafb2ddc0befe5dbd5c510de4201f
e17bfb97abef7bacbd700b58fc35bf4596514d0b565cb53a9187690a9acb4f81
e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e5c27d0d4f88d0ad490f3a92e9d7c387987952eb7e713d150208a4af31a45ac5
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
eb101c955280ac21b258db80a9b214cf1e717231cf72937a6b769999fead41a0
eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f3c474724239d651fa1cc6b85d69083ea4eb92237083e319ec4f29650bb94c13
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f66beb19aea05f9018729b637564db44a2a5d77b8b754f4538b43ebfca402fe8
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
f88aa464ecf3027497dace126754601cdf7c47db2779106d4dadff0a47463cd2
fa5370a6a3c4759254cc12e8b1a4e37d2cbee3aa96d160ccd5129af43b0632e2
fb242b5f299cd08ee579ad1b46e13cb235bb595dd10b03fab7dfadfc61103be6
fd45bb46808611318ab74c39100ef0aa9aa78e5ad508e6219d0ec8d4d52f2a46
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fe5a8544ab484c9078c57809519fa909a4c7803e4382d85e774ba64cdfb4eb0c