Submitted URL: https://u12097671.ct.sendgrid.net/ls/click?upn=4PC2wo0fWhUBQdJDPL-2Fxerma-2FiNLXrBX17zncJLRZJPXA8G7sUxDH5xXSKJJtKMLd3p77Ki-2BeyIey...
Effective URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Submission: On September 05 via api from US — Scanned from DE

Summary

This website contacted 57 IPs in 7 countries across 43 domains to perform 160 HTTP transactions. The main IP is 2.16.186.218, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.eonline.com. The Cisco Umbrella rank of the primary domain is 49374.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on April 16th 2022. Valid for: a year.
This is the only time www.eonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.121 11377 (SENDGRID)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
11 2.16.186.218 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 199.27.170.201 14042 (COMCAST-C...)
7 96.16.134.100 16625 (AKAMAI-AS)
10 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a02:26f0:ea:... 20940 (AKAMAI-ASN1)
1 2a04:4e42:e00... 54113 (FASTLY)
2 2.18.168.29 16625 (AKAMAI-AS)
9 2600:9000:214... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 3.248.125.227 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.31.4.32 16509 (AMAZON-02)
2 52.208.60.7 16509 (AMAZON-02)
13 2a02:26f0:10e... 20940 (AKAMAI-ASN1)
2 23.208.242.66 16625 (AKAMAI-AS)
4 23.35.237.151 16625 (AKAMAI-AS)
1 23.35.236.247 16625 (AKAMAI-AS)
3 3 2.23.97.19 20940 (AKAMAI-ASN1)
1 2 18.134.84.22 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
1 3 2600:1f18:659... 14618 (AMAZON-AES)
1 99.86.4.22 16509 (AMAZON-02)
1 34.207.38.202 14618 (AMAZON-AES)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 34.234.134.156 14618 (AMAZON-AES)
2 15.197.193.217 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
5 52.18.181.114 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 52.18.219.233 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.34 16509 (AMAZON-02)
2 99.83.154.140 16509 (AMAZON-02)
6 15.236.176.210 16509 (AMAZON-02)
2 2 18.198.126.47 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 99.86.4.101 16509 (AMAZON-02)
2 52.29.207.110 16509 (AMAZON-02)
2 104.18.19.126 13335 (CLOUDFLAR...)
2 37.252.172.123 29990 (ASN-APPNEX)
2 18.194.70.236 16509 (AMAZON-02)
2 35.211.168.6 15169 (GOOGLE)
1 18.66.147.113 16509 (AMAZON-02)
2 2 142.250.184.226 15169 (GOOGLE)
2 99.86.4.2 16509 (AMAZON-02)
2 2.21.20.137 20940 (AKAMAI-ASN1)
2 184.24.77.188 20940 (AKAMAI-ASN1)
4 178.250.0.165 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 52.215.255.196 16509 (AMAZON-02)
1 1 2600:1f18:659... 14618 (AMAZON-AES)
2 104.18.18.126 13335 (CLOUDFLAR...)
1 54.235.52.143 14618 (AMAZON-AES)
1 99.86.1.160 16509 (AMAZON-02)
3 199.27.170.198 14042 (COMCAST-C...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.27.170.188 14042 (COMCAST-C...)
160 57
Apex Domain
Subdomains
Transfer
26 eonline.com
www.eonline.com — Cisco Umbrella Rank: 49374
akns-images.eonline.com — Cisco Umbrella Rank: 47642
swa.eonline.com — Cisco Umbrella Rank: 87084
766 KB
17 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2629
secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2541
gp8o5ztgz1sxpyw37adjfdyxxljxn1662400493.nuid.imrworldwide.com
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6462
2dwbpyqha9wzrlqgjtvbtrhe9ftar1662400494.nuid.imrworldwide.com
b8sik9eqloqwbfrbmmv9xkki4walz1662400494.nuid.imrworldwide.com
203 KB
15 theplatform.com
player.theplatform.com — Cisco Umbrella Rank: 56305
pdk.theplatform.com — Cisco Umbrella Rank: 31369
link.theplatform.com — Cisco Umbrella Rank: 13370 Failed
east.manifest.na.theplatform.com — Cisco Umbrella Rank: 87863
feed.theplatform.com — Cisco Umbrella Rank: 42345
566 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 730
195 KB
9 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 553
118 KB
6 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4715
29773.v.fwmrm.net — Cisco Umbrella Rank: 11785
dmp.v.fwmrm.net — Cisco Umbrella Rank: 17009
3 KB
6 omtrdc.net
eonline.tt.omtrdc.net — Cisco Umbrella Rank: 99328
comcastentertainmentgroup.hb.omtrdc.net — Cisco Umbrella Rank: 86043
2 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 297
eo.demdex.net — Cisco Umbrella Rank: 95426
8 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 592
mb.moatads.com — Cisco Umbrella Rank: 914
84 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
158 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
1 KB
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 755
as-sec.casalemedia.com — Cisco Umbrella Rank: 2163
2 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 871
script.hotjar.com — Cisco Umbrella Rank: 1152
vars.hotjar.com — Cisco Umbrella Rank: 1247
in.hotjar.com — Cisco Umbrella Rank: 2418
69 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
imasdk.googleapis.com — Cisco Umbrella Rank: 456
349 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2436
load77.exelator.com — Cisco Umbrella Rank: 4165
2 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
587 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 1002
3 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1628
mab.chartbeat.com — Cisco Umbrella Rank: 3129
25 KB
2 akamaized.net
eonlinevideos.akamaized.net — Cisco Umbrella Rank: 121848
34 KB
2 akamaihd.net
pmd205470tn-a.akamaihd.net — Cisco Umbrella Rank: 55544
eonlinetc-vh.akamaihd.net Failed
546 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
107 KB
2 trustx.org
sofia.trustx.org — Cisco Umbrella Rank: 6584
736 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 863
1013 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
1 KB
2 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 3077
1 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 4115
495 B
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1040
498 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
654 B
2 nbcudigitaladops.com
www.nbcudigitaladops.com — Cisco Umbrella Rank: 47392
2 KB
2 gstatic.com
fonts.gstatic.com
91 KB
2 nbcuni.com
mps.nbcuni.com — Cisco Umbrella Rank: 15619
88 KB
2 cision.com
app2.cision.com
1 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
17 KB
1 cloudfront.net
d28nxrgt4y7pn6.cloudfront.net
523 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 691
491 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1084
360 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5408
167 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
39 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1356
201 B
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 4003
43 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 942
41 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 2107
4 KB
1 sendgrid.net
u12097671.ct.sendgrid.net
247 B
160 43
Domain Requested by
13 akns-images.eonline.com www.eonline.com
11 www.eonline.com www.eonline.com
10 cdn.cookielaw.org www.eonline.com
cdn.cookielaw.org
9 cdn-gl.imrworldwide.com www.eonline.com
cdn-gl.imrworldwide.com
eonlinevideos.akamaized.net
9 assets.adobedtm.com www.eonline.com
assets.adobedtm.com
7 pdk.theplatform.com www.eonline.com
player.theplatform.com
5 dpm.demdex.net assets.adobedtm.com
www.eonline.com
4 comcastentertainmentgroup.hb.omtrdc.net pmd205470tn-a.akamaihd.net
4 bidder.criteo.com www.eonline.com
static.criteo.net
4 z.moatads.com mps.nbcuni.com
pdk.theplatform.com
www.eonline.com
3 imasdk.googleapis.com pdk.theplatform.com
imasdk.googleapis.com
3 east.manifest.na.theplatform.com pdk.theplatform.com
3 pagead2.googlesyndication.com www.eonline.com
imasdk.googleapis.com
3 secure-dcr.imrworldwide.com www.eonline.com
3 29773.v.fwmrm.net 1 redirects www.eonline.com
3 ads.stickyadstv.com 3 redirects
3 securepubads.g.doubleclick.net mps.nbcuni.com
securepubads.g.doubleclick.net
www.eonline.com
3 player.theplatform.com 1 redirects www.eonline.com
2 as-sec.casalemedia.com www.eonline.com
2 secure-sdk.imrworldwide.com www.eonline.com
2 eonlinevideos.akamaized.net pdk.theplatform.com
2 pmd205470tn-a.akamaihd.net pdk.theplatform.com
2 sb.scorecardresearch.com pdk.theplatform.com
2 cm.g.doubleclick.net 2 redirects
2 sofia.trustx.org www.eonline.com
2 tlx.3lift.com www.eonline.com
2 ib.adnxs.com www.eonline.com
2 htlb.casalemedia.com www.eonline.com
2 krk.kargo.com www.eonline.com
2 loadm.exelator.com 2 redirects
2 swa.eonline.com www.eonline.com
2 api.sail-personalize.com ak.sail-horizon.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 match.adsrvr.org www.eonline.com
2 1f2e7.v.fwmrm.net 1 redirects www.eonline.com
2 www.nbcudigitaladops.com mps.nbcuni.com
2 eonline.tt.omtrdc.net www.eonline.com
2 static.chartbeat.com www.eonline.com
2 fonts.gstatic.com fonts.googleapis.com
2 mps.nbcuni.com www.eonline.com
mps.nbcuni.com
2 app2.cision.com 2 redirects
1 feed.theplatform.com pdk.theplatform.com
1 s0.2mdn.net imasdk.googleapis.com
1 b8sik9eqloqwbfrbmmv9xkki4walz1662400494.nuid.imrworldwide.com
1 d28nxrgt4y7pn6.cloudfront.net www.eonline.com
1 2dwbpyqha9wzrlqgjtvbtrhe9ftar1662400494.nuid.imrworldwide.com www.eonline.com
1 dmp.v.fwmrm.net 1 redirects
1 link.theplatform.com pdk.theplatform.com
1 in.hotjar.com www.eonline.com
1 pixel.quantserve.com 1 redirects
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 load77.exelator.com www.eonline.com
1 static.hotjar.com www.eonline.com
1 mb.moatads.com z.moatads.com
1 gp8o5ztgz1sxpyw37adjfdyxxljxn1662400493.nuid.imrworldwide.com www.eonline.com
1 api.rlcdn.com www.eonline.com
1 id.sv.rkdms.com www.eonline.com
1 static.criteo.net js-sec.indexww.com
1 ping.chartbeat.net www.eonline.com
1 ak.sail-horizon.com assets.adobedtm.com
1 mab.chartbeat.com www.eonline.com
1 js-sec.indexww.com mps.nbcuni.com
1 eo.demdex.net assets.adobedtm.com
1 polyfill.io www.eonline.com
1 fonts.googleapis.com www.eonline.com
1 u12097671.ct.sendgrid.net 1 redirects
0 eonlinetc-vh.akamaihd.net Failed
160 68
Subject Issuer Validity Valid
*.eonline.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-16 -
2023-04-19
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-03-08 -
2023-04-09
a year crt.sh
*.nbcuni.com
DigiCert SHA2 Secure Server CA
2022-02-28 -
2023-02-28
a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-04 -
2023-02-03
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2022-05-06 -
2023-06-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-11 -
2022-10-12
a year crt.sh
player.theplatform.com
Entrust Certification Authority - L1K
2022-01-05 -
2023-02-04
a year crt.sh
www.nbcudigitaladops.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-09 -
2023-04-12
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-29 -
2022-12-30
a year crt.sh
ak.sail-horizon.com
Amazon
2022-01-06 -
2023-02-02
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2021-12-01 -
2022-12-30
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-01 -
2022-11-30
3 months crt.sh
securedvisit.com
Amazon
2021-11-30 -
2022-12-27
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.nuid.imrworldwide.com
Amazon
2022-05-12 -
2023-06-10
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-01-12 -
2023-01-12
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-05
a year crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
api.sail-personalize.com
Amazon
2022-05-25 -
2023-06-23
a year crt.sh
swa.eonline.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-27 -
2023-09-27
a year crt.sh
*.dev.kargo.com
Amazon
2022-03-01 -
2023-03-29
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-22 -
2023-06-21
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
sofia.trustx.org
Sectigo RSA Domain Validation Secure Server CA
2021-12-29 -
2022-12-29
a year crt.sh
pdk.theplatform.com
GeoTrust RSA CA 2018
2021-10-05 -
2022-10-04
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2022-06-28 -
2023-06-30
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-27 -
2022-11-22
3 months crt.sh
*.hb.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-02 -
2023-01-02
a year crt.sh
link.theplatform.com
Entrust Certification Authority - L1K
2022-03-02 -
2023-04-01
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
east.manifest.na.theplatform.com
Entrust Certification Authority - L1K
2022-05-28 -
2023-06-27
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
feed.theplatform.com
Entrust Certification Authority - L1K
2022-01-06 -
2023-02-05
a year crt.sh

This page contains 9 frames:

Primary Page: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Frame ID: BDBA9663BE43B279E507D2B1BBF52B49
Requests: 104 HTTP requests in this frame

Frame: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/P7u___9JIdXC?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_de%26vcid2%3Dgytce3C3ThpSocruBjJJY%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Frame ID: 8EBBCE3F9523E212AD289122D1ED0544
Requests: 51 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 796930F3C8D270D91581F4C863E63AC8
Requests: 3 HTTP requests in this frame

Frame: https://eo.demdex.net/dest5.html?d_nsid=0
Frame ID: AEC94C52D4FD5F1ACC46B50B861B0186
Requests: 6 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 6FD71EE00717A86EC73644ECABC504E7
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 1FBE0A87D3728104449E8A72F1956714
Requests: 3 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 2F26CCE197E0A1AF13484EB45204A47E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/2620/ca-video-pub-5672557457834454-tag%26description_url%3Dhttp%253A%252F%252Fwww.eonline.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26max_ad_duration%3D15000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Frame ID: 1A1A6A87432A14CEE48216D0817AA94B
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 52A5B7DD90CD2255391AD3CC33C3F5B8
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

See Kylie Jenner’s Sweet Response to When She Feels Most Confident - E! Online - CABack ButtonFilter Button

Page URL History Show full URLs

  1. https://u12097671.ct.sendgrid.net/ls/click?upn=4PC2wo0fWhUBQdJDPL-2Fxerma-2FiNLXrBX17zncJLRZJPXA8G7sUxDH5xXSKJ... HTTP 302
    http://app2.cision.com/redir?s=1395386230439 HTTP 302
    https://app2.cision.com/redir?s=1395386230439 HTTP 302
    https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Page Statistics

160
Requests

93 %
HTTPS

33 %
IPv6

43
Domains

68
Subdomains

57
IPs

7
Countries

3569 kB
Transfer

9581 kB
Size

58
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u12097671.ct.sendgrid.net/ls/click?upn=4PC2wo0fWhUBQdJDPL-2Fxerma-2FiNLXrBX17zncJLRZJPXA8G7sUxDH5xXSKJJtKMLd3p77Ki-2BeyIey8huvkxMBQ-3D-3Dkb8A_vab-2BQUqbE5KA1x32hdOJqkXuLngSFWu9m7eUduXhvjYoQJEbYNJpKYoT5cWykD8oKvkHUrh76RczK1UaYn7hDOrB7sTI5i8f4UBPv0Qxj3H7FdJvFulHbYB-2BHs0hHu6ksWZOg1I624B7Jn-2FZi3OZmHCMyYv323oPaWXNzuGqY7GGsiS5uZsQO-2BVP-2BWBYKCW4cxnTSfRiWkSU1v6SprunNtv-2BPBEQ4AH9MG0eXIQZZHlzM1sVQ-2BccTe7M76rdSDSK HTTP 302
    http://app2.cision.com/redir?s=1395386230439 HTTP 302
    https://app2.cision.com/redir?s=1395386230439 HTTP 302
    https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://player.theplatform.com/pdk/BdHJDC/tpPdkController.js HTTP 302
  • https://pdk.theplatform.com/pdk/tpPdkController.js
Request Chain 55
  • https://ads.stickyadstv.com/user-matching?id=185 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=da96c8abfe2fcd128ba8227a8a7ddd&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 79
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=62320289127808541581693469639902101924 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=62320289127808541581693469639902101924&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 93
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjIzMjAyODkxMjc4MDg1NDE1ODE2OTM0Njk2Mzk5MDIxMDE5MjQ= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjIzMjAyODkxMjc4MDg1NDE1ODE2OTM0Njk2Mzk5MDIxMDE5MjQ=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPn9JpPuDmAbVd46Y1e80J8&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 94
  • https://29773.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=796&dpuuid=l015a_7139955750289753352
Request Chain 111
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=da96c8abfe2fcd128ba8227a8a7ddd&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l015a_7139955750289753352&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 112
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=6KAlwO2kcZLz93LF5_Y5kOzxJ8DzonCS6vfTAJYK
Request Chain 127
  • https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=796&dpuuid=l015a_7139955750289753352&gdpr=0&gdpr_consent=
Request Chain 176
  • https://redirect.manifest.theplatform.com/r/BdHJDC/SwdHfX0qN276,pwvHOHSDRVz9,3d0j87vL_f2a,fxj9COeKs3dL,_Y_gYyT0rGay,kW7gAGELAvZK,m09xcZSwC9rD/aHR0cHM6Ly9lb25saW5ldGMtdmguYWthbWFpaGQubmV0L2kvdHJhbnNjb2RlZC9jb21wbGV0ZS8zNDM3MTQvd29jaGl0XzIwMjIwODIyX2plbm5lcl8zNDM3MTRfLDMwLDQwLDIwLDEyLDgsNCwzLDAwMDAwLm1wNC5jc21pbC9zZWdtZW50MV82X2F2LnRzP251bGw9MCZfYWxpZF89TXNubXl3YmxDTXBtWG41a0Fhc1IxUT09?sid=4744f8c2-21c4-469a-9bf8-bfc23e66b809&policy=162969533&date=1662400497561&ip=37.58.57.2&schema=1.0&cid=6bcedddc-9e1d-4a78-8057-4c58418f1c2d&aid=2225862014&dur=102000&sig=8715aaa07717e69baeb595ed5627ccdea33c409742d31e89b415439ab48ad2f6 HTTP 302
  • https://eonlinetc-vh.akamaihd.net/i/transcoded/complete/343714/wochit_20220822_jenner_343714_,30,40,20,12,8,4,3,00000.mp4.csmil/segment1_6_av.ts?null=0&_alid_=MsnmywblCMpmXn5kAasR1Q==

160 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
www.eonline.com/ca/news/1343461/
Redirect Chain
  • https://u12097671.ct.sendgrid.net/ls/click?upn=4PC2wo0fWhUBQdJDPL-2Fxerma-2FiNLXrBX17zncJLRZJPXA8G7sUxDH5xXSKJJtKMLd3p77Ki-2BeyIey8huvkxMBQ-3D-3Dkb8A_vab-2BQUqbE5KA1x32hdOJqkXuLngSFWu9m7eUduXhvjYoQ...
  • http://app2.cision.com/redir?s=1395386230439
  • https://app2.cision.com/redir?s=1395386230439
  • https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
98 KB
25 KB
Document
General
Full URL
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8878f35ea7780d029103672c612f41b05b1bf3d0ff06bcd4256e808f878ed516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-length
24885
content-type
text/html; charset=utf-8
date
Mon, 05 Sep 2022 17:54:52 GMT
etag
W/"187a2-kRd52FM/l+AWAUEAt8I+q9R0GCo-gzip"
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
7460d5236c3a9bb9-FRA
content-length
0
date
Mon, 05 Sep 2022 17:54:52 GMT
location
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
server
cloudflare
server-timing
intid;desc=5cb9531b2ea8f0eb
x-application-context
application:production
css
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64e4de71a710bbb6b7bc79ec8e2bf2d9b3132e8330d29b6d50479eb95238e8d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 17:09:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 05 Sep 2022 17:54:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Sep 2022 17:54:52 GMT
articledetail.7080c29d09464f3011a0.css
www.eonline.com/dist/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://www.eonline.com/dist/css/articledetail.7080c29d09464f3011a0.css
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
9ae5c20f00c460da157d5b2862736a5950db1ec5297c4dbe590483394e1a828b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
x-content-type-options
nosniff, nosniff
last-modified
Tue, 18 Jan 2022 23:08:34 GMT
server
Akamai Resource Optimizer
etag
"4e14-5d5669ed9af00-gzip"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Mon, 05 Sep 2022 17:54:52 GMT
accept-ranges
bytes
content-length
3831
referrer-policy
no-referrer-when-downgrade
95.66e8df72aba62b7c19e3.css
www.eonline.com/dist/css/
51 KB
9 KB
Stylesheet
General
Full URL
https://www.eonline.com/dist/css/95.66e8df72aba62b7c19e3.css
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
05852903b8547317e695747a1cf55edbb3779a1cac92a8f79a771daa67ad68f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Thu, 18 Aug 2022 23:47:48 GMT
server
Akamai Resource Optimizer
etag
"cadd-5e67398383040-gzip"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Mon, 05 Sep 2022 17:54:52 GMT
accept-ranges
bytes
content-length
8556
x-content-type-options
nosniff, nosniff
webpack.runtime.4c3e10999781b4cd98f0.js
www.eonline.com/dist/js/
6 KB
3 KB
Script
General
Full URL
https://www.eonline.com/dist/js/webpack.runtime.4c3e10999781b4cd98f0.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
3ecf2c02cd15cef1f06a0da17591d8c69a20daea1431fe19961a2b94ebf10397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Thu, 01 Sep 2022 13:41:08 GMT
server
Akamai Resource Optimizer
etag
"181f-5e78c8c4f53c0-gzip"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Mon, 05 Sep 2022 17:54:52 GMT
accept-ranges
bytes
content-length
2623
x-content-type-options
nosniff, nosniff
16.49a99ac1e0810dd84345.js
www.eonline.com/dist/js/
427 KB
107 KB
Script
General
Full URL
https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
ebcf9dfc5b5f032124c4bafe98cc21aae9dd8ad4a09a72af622ee3af595610f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Thu, 01 Sep 2022 15:56:42 GMT
server
Akamai Resource Optimizer
etag
"6ab5a-5e78c8c4f53c0-gzip"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Mon, 05 Sep 2022 17:54:52 GMT
accept-ranges
bytes
content-length
108791
x-content-type-options
nosniff, nosniff
494.a06be6d89f145438f4b9.js
www.eonline.com/dist/js/
22 KB
6 KB
Script
General
Full URL
https://www.eonline.com/dist/js/494.a06be6d89f145438f4b9.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e20075cfb7ae72fc9a6ad53738afe082145da7586353c4a00b9bc73f3fdde166
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 03:13:47 GMT
server
Akamai Resource Optimizer
etag
"5657-5d5669ed9af00-gzip"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Mon, 05 Sep 2022 17:54:52 GMT
accept-ranges
bytes
content-length
5384
x-content-type-options
nosniff, nosniff
455.3cfa176e567652bb6539.js
www.eonline.com/dist/js/
24 KB
5 KB
Script
General
Full URL
https://www.eonline.com/dist/js/455.3cfa176e567652bb6539.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
69b1fa3acbdba08be1044c245a8a008fcfc0f7565dc42174bb3ebd3a21844f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Sat, 16 Apr 2022 23:42:49 GMT
server
Akamai Resource Optimizer
etag
"6071-5dbffa03c40c0-gzip"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Mon, 05 Sep 2022 17:54:52 GMT
accept-ranges
bytes
content-length
4378
x-content-type-options
nosniff, nosniff
783.90c0d8ec9afe7df8ba6e.js
www.eonline.com/dist/js/
6 KB
2 KB
Script
General
Full URL
https://www.eonline.com/dist/js/783.90c0d8ec9afe7df8ba6e.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e0da565315a090d118f867bf7eccae0ecc9b7424b7434aee6e14ee5d4acd5bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
x-content-type-options
nosniff, nosniff
last-modified
Tue, 18 Jan 2022 05:27:53 GMT
server
Akamai Resource Optimizer
etag
"1600-5d5669ed9af00-gzip"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Mon, 05 Sep 2022 17:54:52 GMT
accept-ranges
bytes
content-length
1980
referrer-policy
no-referrer-when-downgrade
95.e02ca90e78de4a2c45f8.js
www.eonline.com/dist/js/
95 KB
27 KB
Script
General
Full URL
https://www.eonline.com/dist/js/95.e02ca90e78de4a2c45f8.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4b18186788562a79dba8831a5675090e642d84fcfff1015705a5930a16a275dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Wed, 31 Aug 2022 17:08:39 GMT
server
Apache
etag
"17cb8-5e78c8c4f53c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Mon, 05 Sep 2022 17:54:52 GMT
accept-ranges
bytes
content-length
27695
x-content-type-options
nosniff, nosniff
articledetail.83d19581d14a81061b34.js
www.eonline.com/dist/js/
89 KB
29 KB
Script
General
Full URL
https://www.eonline.com/dist/js/articledetail.83d19581d14a81061b34.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6c116b2015427df74774e1f50bb67fbd1e75404843d39881003a9284f2bf3869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Wed, 31 Aug 2022 17:08:39 GMT
server
Apache
etag
"165f9-5e78c8c4f53c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Mon, 05 Sep 2022 17:54:52 GMT
accept-ranges
bytes
content-length
28800
x-content-type-options
nosniff, nosniff
tpPdkController.js
pdk.theplatform.com/pdk/
Redirect Chain
  • https://player.theplatform.com/pdk/BdHJDC/tpPdkController.js
  • https://pdk.theplatform.com/pdk/tpPdkController.js
20 KB
6 KB
Script
General
Full URL
https://pdk.theplatform.com/pdk/tpPdkController.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
HTTP/1.1
Server
96.16.134.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0ec2c2239ca096648cc18d4cda3842ca3db7622cbd5a7ac178f54d43d69ab39f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 05 Sep 2022 17:54:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Mar 2019 21:34:48 GMT
Server
Apache
ETag
"14e6b2-4ecb-5839bfdfdee00"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5435

Redirect headers

Date
Mon, 05 Sep 2022 17:54:53 GMT, Mon, 05 Sep 2022 17:54:53 GMT
Server
Jetty(8.1.16.2)
Access-Control-Allow-Origin
*
X-Cache
HIT from player.theplatform.com:443
P3P
CP="CUR CUS NOI STA NAV PSAi OUR OTRo IND"
Location
https://pdk.theplatform.com/pdk/tpPdkController.js
Cache-Control
no-cache
Connection
close
Content-Type
text/html;charset=UTF-8
tcf.stub.js
cdn.cookielaw.org/consent/
2 KB
1 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/tcf.stub.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a8cd07f9b72905689074cfd8852c03cde76a58d1ae30939ee6c05f737d47e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wWRR1dd+iePr7uQuaw5L+w==
age
997
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Mon, 05 Sep 2022 12:13:24 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e1c9ac7d-d01e-00ba-3c23-c138ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7460d5283d1b903a-FRA
expires
Mon, 05 Sep 2022 21:54:52 GMT
launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
assets.adobedtm.com/
335 KB
92 KB
Script
General
Full URL
https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fd30dbf0515ecc6cfc3e80640d3820bc2a2a5f84633ccbc740abf8d2931b58f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:52 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 22:31:37 GMT
server
AkamaiNetStorage
etag
"721b9c27c7fe58bebcb185ac3976f914:1660861897.649148"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
93908
expires
Mon, 05 Sep 2022 18:54:52 GMT
polyfill.min.js
polyfill.io/v3/
16 KB
4 KB
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?version=3.52.1&features=Object.assign%2CPromise%2Ces6%2CSymbol%2CMap%2CWeakMap%2CSet%2CWeakSet%2CrequestAnimationFrame%2CUint8Array%2CIntersectionObserver%2CIntersectionObserverEntry%2CResizeObserver%2CCustomEvent%2CArray.prototype.lastIndexOf%2CArray.prototype.find%2CArray.prototype.some%2CArray.from%2CObject.freeze%2Cfetch%2CObject.entries%2CNode.prototype.contains%2CArray.prototype.findIndex%7Cgated%2CArray.prototype.includes%7Cgated%2CString.prototype.includes%7Cgated
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6d30ac453d4a6814c1dc805b634d9d715547665ffcf2ee982ecde4677970b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
br
last-modified
Thu, 25 Aug 2022 05:27:42 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-lax10646, PASS, fastly;desc="Edge time";dur=14
accept-ranges
bytes
content-length
3788
load-e-web.js
mps.nbcuni.com/fetch/ext/
297 KB
70 KB
Script
General
Full URL
https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.29 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-29.deploy.static.akamaitechnologies.com
Software
Apache / PHP/7.1.33
Resource Hash
6a28a4a86b30ef9591ce7be44ee96a527925f257de6ba6f8b6971c24f378bc77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:52 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/7.1.33
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
71197
Expires
Mon, 05 Sep 2022 17:54:52 GMT
P7B7DDF6C-EBA7-42BE-BEF2-232D0A48C49A.js
cdn-gl.imrworldwide.com/conf/
28 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/P7B7DDF6C-EBA7-42BE-BEF2-232D0A48C49A.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd4b37eda75a7c06de999ebc2634e31f017b49cd04e1a0b13677f1a749344ff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
Kd3UqfC203eBsD1sQYVdvHkJQFCH97WK
content-encoding
gzip
etag
W/"b3b7374e85e1ac0cc96fc7cf6fd4f7d4"
last-modified
Mon, 05 Sep 2022 13:17:18 GMT
server
AmazonS3
age
2788
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Mon, 05 Sep 2022 17:10:18 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
87QQAiG74taAx15DpPPZIzNvT-YtMys-eFF5mPOtzcb_RrZODcQ2SA==
sprite.d6afaced49593c65e3955e75c27883f9.svg
www.eonline.com/dist/svg/
35 KB
10 KB
Other
General
Full URL
https://www.eonline.com/dist/svg/sprite.d6afaced49593c65e3955e75c27883f9.svg
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
0a18fb8288409b59949384dba2d950cf9b8dd95b77f04c3851b33c5f35667976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Fri, 01 Jul 2022 00:43:15 GMT
server
Akamai Resource Optimizer
etag
"8bd1-5e2999ab54d40-gzip"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Mon, 05 Sep 2022 17:54:53 GMT
accept-ranges
bytes
content-length
10265
x-content-type-options
nosniff, nosniff
P7u___9JIdXC
player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/ Frame 8EBB
0
0

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.eonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 18:50:24 GMT
x-content-type-options
nosniff
age
601468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 18:50:24 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.eonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 18:50:37 GMT
x-content-type-options
nosniff
age
601455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 18:50:37 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/
195 KB
55 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P7B7DDF6C-EBA7-42BE-BEF2-232D0A48C49A.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding
gzip
etag
W/"81a9e2a298d0019660cb2966f0c24748"
age
1681
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 17:26:52 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
RCAv6SsEaRE8WPAPXT8qn6Y7PUQ74T2OexPxvkUQKuAECnYovM5ueA==
/
mps.nbcuni.com/request/page/json/params/
79 KB
18 KB
XHR
General
Full URL
https://mps.nbcuni.com/request/page/json/params/?CALLBACK=mpsCallback&cat=topics%7Ccelebrity%20families%7Cnews%20detail&site=e-web&path=%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&type=news%20detail&cag%5Bzoneid%5D=intl&cag%5Bdfpnetwork%5D=2620&cag%5Bprimary%5D=celebrity%20families&cag%5Btopics%5D=celebrity%20families%7Ckris%20jenner%7Cceleb%20kids%7Ckardashians%7Ckylie%20jenner%7Ccelebrities%7Cstormi%20webster&content_id=1343461&cag%5Bgeoid%5D=de&NOLOAD=mpstools&USE_OVERLAY=0&IRSOURCE=false&ASYNC=1
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.29 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-29.deploy.static.akamaitechnologies.com
Software
Apache / PHP/7.1.33
Resource Hash
10a3029565af3ac373213224681d56fad9e1600f5280f184953699abd54b1118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:53 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/7.1.33
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
17030
Expires
Mon, 05 Sep 2022 17:54:53 GMT
id
dpm.demdex.net/
1004 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B3ABA272551949410A4C98A2%40AdobeOrg&d_nsid=0&ts=1662400492996
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.125.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-125-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3f9b709b464b45f430224399af0b173e5f75fb223394b84c0bf34d9e9c56a5d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v038-00508e2e6.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
dlsZn/0QTmk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.eonline.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
589
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:01 GMT
server
AkamaiNetStorage
etag
"4635bffccc756e9a52eae8011adb9137:1629320641.842128"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12188
expires
Mon, 05 Sep 2022 18:54:53 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:02 GMT
server
AkamaiNetStorage
etag
"8b210658d66894c896047ae490138f1c:1629320642.068491"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1593
expires
Mon, 05 Sep 2022 18:54:53 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e46dd3fc7af479e4504f24fde2c0f30a7702dd09ad22ad3a6dd84839796292eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:02 GMT
server
AkamaiNetStorage
etag
"46ddc14338df08a965a4d5269b73d1ad:1629320642.34831"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8763
expires
Mon, 05 Sep 2022 18:54:53 GMT
chartbeat_mab.js
static.chartbeat.com/js/
23 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 16:46:45 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
age
4088
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
JA6HOs4Acyw353zWO6wuyS8tnk3_UULkOKGDtdqapuwxl6-xoy8y-A==
expires
Mon, 05 Sep 2022 18:46:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28557
x-xss-protection
0
server
sffe
etag
"1324 / 335 of 1000 / last-modified: 1662156382"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 05 Sep 2022 17:54:53 GMT
RC86481b102d774fb195e4d7b627398c98-source.min.js
assets.adobedtm.com/39952453358b/bbeab55061fe/4013ceec1bb6/
499 B
592 B
Script
General
Full URL
https://assets.adobedtm.com/39952453358b/bbeab55061fe/4013ceec1bb6/RC86481b102d774fb195e4d7b627398c98-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cfb46bab8d22b2816338cee23d9c0d9c662a46b3ec088b1d21f0d3472dc34b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 22:31:38 GMT
server
AkamaiNetStorage
etag
"bef06e1139fd904e738ae32800b9c8ed:1660861898.652289"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
327
expires
Mon, 05 Sep 2022 18:54:53 GMT
RC35aedf730be44b4ea864c879f6e36648-source.min.js
assets.adobedtm.com/39952453358b/bbeab55061fe/4013ceec1bb6/
681 B
669 B
Script
General
Full URL
https://assets.adobedtm.com/39952453358b/bbeab55061fe/4013ceec1bb6/RC35aedf730be44b4ea864c879f6e36648-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
97348af363e8f868241878e4e0f6e41f97c905b1b6518d0cc0bdb436c2c952eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 22:31:38 GMT
server
AkamaiNetStorage
etag
"bef06e1139fd904e738ae32800b9c8ed:1660861898.652289"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
404
expires
Mon, 05 Sep 2022 18:54:53 GMT
RC224b9642ab9d4f2489130c99e42c9aec-source.min.js
assets.adobedtm.com/39952453358b/bbeab55061fe/4013ceec1bb6/
459 B
553 B
Script
General
Full URL
https://assets.adobedtm.com/39952453358b/bbeab55061fe/4013ceec1bb6/RC224b9642ab9d4f2489130c99e42c9aec-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
97ae0f599e5bc08fc0926bce21c4bf8427f78a4e80fb519c276aa5bc842195f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 22:31:38 GMT
server
AkamaiNetStorage
etag
"bef06e1139fd904e738ae32800b9c8ed:1660861898.652289"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
288
expires
Mon, 05 Sep 2022 18:54:53 GMT
RC14f6544f87c346d89c287f6cc1ab6b07-source.min.js
assets.adobedtm.com/39952453358b/bbeab55061fe/4013ceec1bb6/
629 B
666 B
Script
General
Full URL
https://assets.adobedtm.com/39952453358b/bbeab55061fe/4013ceec1bb6/RC14f6544f87c346d89c287f6cc1ab6b07-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e9096ec91479745771871edfe9afda337c1c2cee4705ee408d2cb3115c317f33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 22:31:38 GMT
server
AkamaiNetStorage
etag
"bef06e1139fd904e738ae32800b9c8ed:1660861898.652289"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
402
expires
Mon, 05 Sep 2022 18:54:53 GMT
RCe8452ee1fb624058b323e0e125e2a7b5-source.min.js
assets.adobedtm.com/39952453358b/bbeab55061fe/4013ceec1bb6/
680 B
627 B
Script
General
Full URL
https://assets.adobedtm.com/39952453358b/bbeab55061fe/4013ceec1bb6/RCe8452ee1fb624058b323e0e125e2a7b5-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d39615c5c00bc78cdab70b1d18691035540ce4244e2f56bc9278e2637df1f707

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 22:31:38 GMT
server
AkamaiNetStorage
etag
"bef06e1139fd904e738ae32800b9c8ed:1660861898.652289"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
362
expires
Mon, 05 Sep 2022 18:54:53 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 7969
12 KB
4 KB
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2118
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 05 Sep 2022 17:19:36 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-id
e3HX9-OT1DP-sNeo-RoFIRM-ne3_ee_DIa2Ahnjd9wL6ax8ycbb8BA==
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache
Hit from cloudfront
dest5.html
eo.demdex.net/ Frame AEC9
7 KB
3 KB
Document
General
Full URL
https://eo.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.4.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-4-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v038-0f7693ade.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
r/YqKLhyRMk=
content-encoding
gzip
date
Mon, 5 Sep 2022 17:54:53 GMT
last-modified
Wed, 3 Aug 2022 12:12:43 GMT
transfer-encoding
chunked
vary
accept-encoding
delivery
eonline.tt.omtrdc.net/rest/v1/
350 B
716 B
XHR
General
Full URL
https://eonline.tt.omtrdc.net/rest/v1/delivery?client=eonline&sessionId=a2776d6cfb434de09ac76dde649f21ad&version=2.5.0
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.60.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-60-7.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
18598019a57e76179b5f1f2a99031a527d5c7193c3a7ab343554f4185d7a9ea9

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
f00467f2a9b85192f65746a9ed154ca4
delivery
eonline.tt.omtrdc.net/rest/v1/
350 B
715 B
XHR
General
Full URL
https://eonline.tt.omtrdc.net/rest/v1/delivery?client=eonline&sessionId=a2776d6cfb434de09ac76dde649f21ad&version=2.5.0
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.60.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-60-7.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f73694a959a015821cbb7eaffffa208c6812161c172f6642125de6ba832e6f89

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
7c711191b94ed1cc42440b4cb7cef8fe
otSDKStub.js
cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/
13 KB
5 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/otSDKStub.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/95.e02ca90e78de4a2c45f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00caac038d69fd33d1e799dae6141d5faa7b0fd91063277ab4bc3e09e76607f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Origin
https://www.eonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OlejsekX5A/KRUZGPkDKfQ==
age
6454
vary
Accept-Encoding
content-length
4262
x-ms-lease-status
unlocked
last-modified
Wed, 24 Mar 2021 18:48:45 GMT
server
cloudflare
etag
0x8D8EEF574213C0B
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
606b0187-f01e-0025-4b31-ca4055000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d52aaedc5c20-FRA
expires
Mon, 05 Sep 2022 21:54:53 GMT
P7u___9JIdXC
player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/ Frame 8EBB
18 KB
18 KB
Document
General
Full URL
https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/P7u___9JIdXC?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_de%26vcid2%3Dgytce3C3ThpSocruBjJJY%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D0
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.201 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.2) /
Resource Hash
805f848cb4ee132ad0f596478724282fc0a19b1c45d820f42b62137cf0799f0d

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/html;charset=UTF-8
Date
Mon, 05 Sep 2022 17:54:53 GMT Mon, 05 Sep 2022 17:54:53 GMT
P3P
CP="CUR CUS NOI STA NAV PSAi OUR OTRo IND"
Server
Jetty(8.1.16.2)
X-Cache
MISS from player.theplatform.com:443
rs_1200x1200-210418183106-1200-Kylie-jenner-stormi-webster-mp.jpg
akns-images.eonline.com/eol_images/Entire_Site/2021318/
6 KB
6 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2021318/rs_1200x1200-210418183106-1200-Kylie-jenner-stormi-webster-mp.jpg?fit=around%7C100:100&output-quality=90&crop=100:100;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
98a301d55f0cd69be8290754f071d4427e6f4c8e48d8d905a9a0fc18e897979a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
last-modified
Wed, 13 Jul 2022 20:06:17 GMT
server
Akamai Image Manager
etag
"297b0ee3f95d110df9c1a8a2a428379d:1618795869.299246"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2592000
content-length
6366
expires
Wed, 05 Oct 2022 17:54:53 GMT
rs_634x1024-220825043838-634-kylie-jenner-ulta-beauty-launch-082522.jpg
akns-images.eonline.com/eol_images/Entire_Site/2022725/
169 KB
170 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2022725/rs_634x1024-220825043838-634-kylie-jenner-ulta-beauty-launch-082522.jpg?fit=around%7C634:1024&output-quality=90&crop=634:1024;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7425d2ace2513feef80d93716ca1ced6190ad4552fbe4e4fa1ecb491bbfdd3bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
last-modified
Thu, 25 Aug 2022 11:59:06 GMT
server
Akamai Image Manager
etag
"90fbb42a496b93f876313497337f5f08:1661427522.353021"
content-type
image/jpeg
cache-control
private, no-transform, max-age=1620362
content-length
173466
expires
Sat, 24 Sep 2022 12:00:55 GMT
rs_1200x1200-220904161713-_Christina-Hall-and-Josh-Hall-2.jpg
akns-images.eonline.com/eol_images/Entire_Site/202284/
41 KB
41 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/202284/rs_1200x1200-220904161713-_Christina-Hall-and-Josh-Hall-2.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
363c2851d48b2d7062a82178a8f204fd22319cf777924ebe87b2f9ee1e6805e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
last-modified
Sun, 04 Sep 2022 23:52:03 GMT
server
Akamai Image Manager
etag
"daaab4a9fe25a47d6408c9584ff3787f:1662333437.311731"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2527110
content-length
41520
expires
Tue, 04 Oct 2022 23:53:23 GMT
rs_1200x1200-220902163118-1200-olivia-wilde-harry-styles.jpg
akns-images.eonline.com/eol_images/Entire_Site/202282/
40 KB
41 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/202282/rs_1200x1200-220902163118-1200-olivia-wilde-harry-styles.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b661075ac52f02c3797623f6024f32bb61dedbdaf324bbdb3fc5d2957d87c569

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
x-check-cacheable
YES
x-serial
1048
etag
"c99ada0dea94a77b27f34c5e06b25087:1662161481.166061"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2570597
last-modified
Mon, 05 Sep 2022 12:00:13 GMT
content-length
41448
server
Akamai Image Manager
expires
Wed, 05 Oct 2022 11:58:10 GMT
rs_1200x1200-220904131533-Jordana-Brewster-and-Mason-Morfit--7.jpg
akns-images.eonline.com/eol_images/Entire_Site/202284/
32 KB
32 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/202284/rs_1200x1200-220904131533-Jordana-Brewster-and-Mason-Morfit--7.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7d975c26b06ab0b2c7602f25a9bb3396f5105b93f593053555cf5a130063362a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
last-modified
Sun, 04 Sep 2022 21:00:26 GMT
server
Akamai Image Manager
etag
"78137ac0a21497e3d1523f095624c97c:1662322535.547322"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2516732
content-length
32944
expires
Tue, 04 Oct 2022 21:00:25 GMT
rs_1200x1200-220218080657-1200-Adriana_Lima-Fashion_Trust_Arabia_Prize_2021_Awards-gj.jpg
akns-images.eonline.com/eol_images/Entire_Site/2022118/
34 KB
34 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2022118/rs_1200x1200-220218080657-1200-Adriana_Lima-Fashion_Trust_Arabia_Prize_2021_Awards-gj.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cb53c27269f9360734f3bfa8922fcc531387d85dba0a49a0946ff7ad2546b19c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
x-check-cacheable
YES
x-serial
8
etag
"572020b84134bf9c7b1d94f0dbc11007:1645200421.925296"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2586220
last-modified
Mon, 05 Sep 2022 16:19:01 GMT
content-length
34331
server
Akamai Image Manager
expires
Wed, 05 Oct 2022 16:18:33 GMT
rs_1200x1200-220901083521-1200-kevin-Jonas-KD-090122.jpg
akns-images.eonline.com/eol_images/Entire_Site/202281/
20 KB
21 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/202281/rs_1200x1200-220901083521-1200-kevin-Jonas-KD-090122.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a57471939eb8011f355e21c42ce18949216b999db54699dff426c7aff1459feb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
x-check-cacheable
YES
x-serial
21
etag
"f0ad946ff2e171d98ac347a79eda1490:1662046524.625884"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2563502
last-modified
Mon, 05 Sep 2022 10:00:11 GMT
content-length
20986
server
Akamai Image Manager
expires
Wed, 05 Oct 2022 09:59:55 GMT
rs_1200x1200-210421154558-1200-Mark-Cuevas-and-Aubrey-Rainey.cm.42121.jpg
akns-images.eonline.com/eol_images/Entire_Site/2021321/
40 KB
40 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2021321/rs_1200x1200-210421154558-1200-Mark-Cuevas-and-Aubrey-Rainey.cm.42121.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
dfaa2f31100ea091dcf977cb8aa424f1f82b25eb28503c6618ef01f8af721a04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
x-check-cacheable
YES
x-serial
610
etag
"7b50f00cff68ba2f5dae8154b8170a24:1619045160.416355"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2591207
last-modified
Mon, 05 Sep 2022 17:44:05 GMT
content-length
40684
server
Akamai Image Manager
expires
Wed, 05 Oct 2022 17:41:40 GMT
rs_1200x1200-220831023211-61E3CD6D-4D0C-41E1-9E97-275A57B7BCDF.png
akns-images.eonline.com/eol_images/Entire_Site/2022731/
16 KB
17 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2022731/rs_1200x1200-220831023211-61E3CD6D-4D0C-41E1-9E97-275A57B7BCDF.png?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
069bd9db400ab661fab8d09a3af72a2696d58d35259dc9116f81982f17573da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
last-modified
Wed, 31 Aug 2022 13:02:05 GMT
server
Akamai Image Manager
etag
"91eaf94f4a1ecd419f6264234de177b9:1661938333.54468"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2142398
content-length
16806
expires
Fri, 30 Sep 2022 13:01:31 GMT
rs_1200x1200-220502154208-1200--Maude-Apatow.jpg
akns-images.eonline.com/eol_images/Entire_Site/202242/
33 KB
33 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/202242/rs_1200x1200-220502154208-1200--Maude-Apatow.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f37645bb0e7d979fb2b57db4fde083a4c42238a7a2ba4422fa27a5dc714b0255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
last-modified
Mon, 05 Sep 2022 16:55:52 GMT
server
Akamai Image Manager
etag
"97a1e1ab19ff9af5a56fb50bf2c7f24b:1651531330.463891"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2588441
content-length
33578
expires
Wed, 05 Oct 2022 16:55:34 GMT
rs_1200x1200-220831105709-1200-spliut.jpg
akns-images.eonline.com/eol_images/Entire_Site/2022731/
39 KB
39 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2022731/rs_1200x1200-220831105709-1200-spliut.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
782f268e77cfc3046cb40e35fdbb9904456f813a7847883a83a2221d8c37b776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
last-modified
Mon, 05 Sep 2022 16:00:18 GMT
server
Akamai Image Manager
etag
"9f6b76af695c63a1c44aab66f21df9dd:1661968632.328872"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2172373
content-length
40121
expires
Fri, 30 Sep 2022 21:21:06 GMT
rs_1200x1200-220831141811-anthropologie-labor-day-1200-.jpg
akns-images.eonline.com/eol_images/Entire_Site/2022731/
27 KB
27 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2022731/rs_1200x1200-220831141811-anthropologie-labor-day-1200-.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8c2ce69aee006d95b0bf1120931c0866506165bd8653814a8837617d6ef3601f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
last-modified
Wed, 31 Aug 2022 21:55:51 GMT
server
Akamai Image Manager
etag
"07ee49cf50688d6fb3523a227c0a6584:1661980695.843825"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2174450
content-length
27371
expires
Fri, 30 Sep 2022 21:55:43 GMT
rs_1200x1200-220905082530-1200-Florence-Olivia-Shia-KD-090522.jpg
akns-images.eonline.com/eol_images/Entire_Site/202285/
36 KB
37 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/202285/rs_1200x1200-220905082530-1200-Florence-Olivia-Shia-KD-090522.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5b78 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a62fc33c242a2cac257115807b453a6267ecc07adf275f6f323065ee96531c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
x-check-cacheable
YES
x-serial
31
etag
"71cb6992a8c3b072c36b67f85f8d1e74:1662391533.612599"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2583954
last-modified
Mon, 05 Sep 2022 15:41:57 GMT
content-length
37319
server
Akamai Image Manager
expires
Wed, 05 Oct 2022 15:40:47 GMT
global_header.js
www.nbcudigitaladops.com/hosted/
3 KB
1 KB
Script
General
Full URL
https://www.nbcudigitaladops.com/hosted/global_header.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.242.66 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-242-66.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
97dde029fd4bcb2d54124814d94bcc8a3001f057e8002feb81cf506fd4265332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:53 GMT
Content-Encoding
gzip
Server
AkamaiNetStorage
ETag
"17ad26e689045d4d6592841ba6b505e4:1458337832"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=9926404
Connection
keep-alive
Content-Length
1121
moatheader.js
z.moatads.com/nbcuyieldheader7581548001/
220 KB
78 KB
Script
General
Full URL
https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de378dde2cb82d6ad4893e2d148b67133b50c51469fe14dfd9e4d515fb4d10f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 20:42:16 GMT
server
AmazonS3
x-amz-request-id
2RP3MQ1AJAYKET7M
etag
"226a83255625a778c3fe9b915d4b3c26"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=48987
accept-ranges
bytes
content-length
79281
x-amz-id-2
PfTIHr927cUdk+8ygbV0qcaujZowb3oESYJgBJjg0XAzPpzYv9lebwFfj14+4K7eE3XcL47isZc=
185796-36689253545932.js
js-sec.indexww.com/ht/p/
150 KB
41 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/185796-36689253545932.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
580f8e73da366db45f1f08b4b9ba56e3a6b540e6591f847f5ab9efe63afcb65e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Sep 2022 17:01:04 GMT
Server
Apache
ETag
"764ee7-25644-5e7f1066fff0e"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=595
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
41919
Expires
Mon, 05 Sep 2022 18:04:48 GMT
u
1f2e7.v.fwmrm.net/ad/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=185
  • https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=da96c8abfe2fcd128ba8227a8a7ddd&_fw_gdpr=0&_fw_gdpr_consent=
43 B
455 B
Image
General
Full URL
https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=da96c8abfe2fcd128ba8227a8a7ddd&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
HTTP/1.1
Server
18.134.84.22 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-84-22.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:53 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=300
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:53 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=da96c8abfe2fcd128ba8227a8a7ddd&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1662400493262048-340
Expires
Mon, 05 Sep 2022 17:54:53 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
250 B
544 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=x.eonline.com&domain=eonline.com&path=%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cdce9e9f28278f68d8dcbc5e43c7ad4af3e8164d99346b1daee20ebc581af536

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
191
x-served-by
cache-fra19146-FRA
access-control-allow-origin
*
x-timer
S1662400493.289828,VS0,VE94
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 03 Sep 2022 17:54:53 GMT
u
29773.v.fwmrm.net/ad/
0
411 B
Image
General
Full URL
https://29773.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fwww.eonline.com%2Ffw-syncpixel.gif%3F_uid%3D%23%7Buser.id%7D
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:4d5e:ab92:54cb:6c57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:53 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
chartbeat.js
static.chartbeat.com/js/
37 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 16:52:11 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
age
3761
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Oth0JA60c2_anBe1SYPBNZuu0Li1XSKh79L3LYggK9GmU8sMYKhQjg==
expires
Mon, 05 Sep 2022 18:52:11 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/
121 KB
43 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-22.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3021dbc38c2dfd3da4cda6c72c24bc160cfc2ff37cb8acb9b2d16ba5da750274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:51:10 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 19:28:34 GMT
server
AmazonS3
age
224
etag
W/"5ac321f76860c47cd57c582425e76274"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
cZHuNLheW-B1Lot2wygFVAokQZfKcvhwtmFKP0bB4Kea5_PAOSUOtQ==
pubads_impl_2022083001.js
securepubads.g.doubleclick.net/gpt/
379 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131975
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 08:35:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Sep 2023 11:47:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
256 B
162 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.eonline.com
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e98b57c5bd665b3b5388f51733430090ca6b5f498d9b58b765ac2fef40c1340b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137
x-xss-protection
0
expires
Mon, 05 Sep 2022 17:54:53 GMT
f7922f3b-1487-4360-9a55-04a5ff49b019.json
cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/f7922f3b-1487-4360-9a55-04a5ff49b019.json
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e065e454d999272c81abc2c8a21e7446d9d9b98e43fb4b64e5877d53870f56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JkjtrbtIe66lGle+68SUQQ==
age
1952
vary
Accept-Encoding
content-length
1397
x-ms-lease-status
unlocked
last-modified
Wed, 24 Mar 2021 18:48:41 GMT
server
cloudflare
etag
0x8D8EEF5717BB3F1
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b0bd499e-c01e-008c-628a-2c95bd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d52b1f905c20-FRA
expires
Mon, 05 Sep 2022 21:54:53 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=x.eonline.com&p=%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&u=IqoDlDua06dBCGFpX&d=eonline.com&g=53221&g0=ca&g1=kisha-forde&n=1&f=00001&c=0&x=0&m=0&y=3777&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1804&t=D_9SgSC5MehRuXpN6BOBn4ECV0IDW&V=136&i=See%20Kylie%20Jenner%E2%80%99s%20Sweet%20Response%20to%20When%20She%20Feels%20Most%20Confident%20-%20E!%20Online%20-%20CA&tz=0&sn=1&sv=Dl3T7LCs6G-wDco-KaiRAOXCU8dgX&sd=1&im=061b0fff&_
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.207.38.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-38-202.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:53 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
publishertag.js
static.criteo.net/js/ld/
119 KB
39 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-36689253545932.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:12 GMT
server
nginx
etag
W/"63041db4-1ddab"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:54:53 GMT
/
id.sv.rkdms.com/identity/
2 B
167 B
XHR
General
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=NBCU&sv_domain=www.eonline.com
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.134.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-134-156.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.eonline.com
date
Mon, 05 Sep 2022 17:54:53 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
2
vary
Origin
content-type
application/json
rid
match.adsrvr.org/track/
63 B
390 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185796
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
96b26c116949883363a4afdd6508b6896a05a9fc44e03a400413c89955e57450

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eonline.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 17:54:53 GMT
identity
api.rlcdn.com/api/
44 B
360 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 7969
44 B
720 B
Image
General
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P7B7DDF6C-EBA7-42BE-BEF2-232D0A48C49A&sessionId=gp8o5ztgz1sxpyw37adjfdyxxljxn1662400493&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.181.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-181-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:53 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
gp8o5ztgz1sxpyw37adjfdyxxljxn1662400493.nuid.imrworldwide.com/ Frame 7969
35 B
350 B
Image
General
Full URL
https://gp8o5ztgz1sxpyw37adjfdyxxljxn1662400493.nuid.imrworldwide.com/
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:be00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:26:44 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
55690
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
35
x-amz-cf-id
1UFWaSXMjo-094pcVTE9Ti0WftDGr6QvgI-gnF22GDH8XPNvmectUQ==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
164 B
300 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7460d52b89e1900a-FRA
date
Mon, 05 Sep 2022 17:54:53 GMT
vary
Accept-Encoding
content-type
text/javascript
v2
mb.moatads.com/yi/
398 B
572 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3Mn%3Cz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WbmDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-aERseVcsuWC81Q%3D%3D&sc=1&os=1-4g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&pcode=nbcuyieldheader7581548001&rx=213274416846&callback=MoatNadoAllJsonpRequest_85480780
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.219.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-219-233.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
4833546a9e174062c220f66082e35222e1a877ae9dfd2ac95d864a5838769746

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"89ab3040b8368b5dc98ace727ff142bde61b2025"
content-length
398
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/
0
442 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_ced&pvsid=2117220968381854&sc=f&level=slot&vrg=2022083001&nw_id=2620&nslots=12&eid=31069203&pub_url=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-1762303.js
static.hotjar.com/c/
4 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1762303.js?sv=6
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
/
Resource Hash
bac7459ab7164cb65fa8fdac023d0a8e5ab40e21f52dc5c1f75b9efc8514ac01
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
age
23
x-cache
Hit from cloudfront
date
Mon, 05 Sep 2022 17:54:39 GMT
cross-origin-resource-policy
cross-origin
via
1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
cache-control
max-age=60
etag
W/ae12e7ca3d2cbb24f541ecd8cd73f821
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
3W2wEW6jJy-ZOUV65hWXMawIgqokXzB5L2DEZrKWR1vxr84aqJS-qg==
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ERttG9+iQk1LCPjR495NRw==
age
985
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
00bc8f20-801e-016a-3f39-28c218000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7460d52c7b88903a-FRA
simple
api.sail-personalize.com/v1/personalize/
288 B
495 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
6c4e43e39ccd9b25eb552ca3dc0f2a9f5ad83f966cc85858ecb4454f7cd48a7d

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer c6505d0af7ef6ab50b1a7bb4dadf14af
content-type
application/json
accept
application/json
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-referring-url
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
194
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.eonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.eonline.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Mon, 05 Sep 2022 17:54:53 GMT
s57763572659841
swa.eonline.com/b/ss/comcastegeonlineglobaldev/10/JS-2.22.1-LCUM/
1 KB
2 KB
XHR
General
Full URL
https://swa.eonline.com/b/ss/comcastegeonlineglobaldev/10/JS-2.22.1-LCUM/s57763572659841
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e144b487e92a4ee84731bd96e63dfbcdcf42acbd7709ec5ec40fe923fa68d614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-aam-tid
F6vpKI7jSCI=
date
Mon, 05 Sep 2022 17:54:53 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
vary
*
content-length
1154
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-1-v038-0fb401301.edge-irl1.demdex.com 4 ms
pragma
no-cache
last-modified
Tue, 06 Sep 2022 17:54:53 GMT
server
jag
etag
3569977876663009280-4619893842572795449
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Sun, 04 Sep 2022 17:54:53 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.12.0/
361 KB
80 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Origin
https://www.eonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Aib4Vlvkay7u77hQspwwDQ==
age
6323
vary
Accept-Encoding
content-length
81328
x-ms-lease-status
unlocked
last-modified
Wed, 20 Jan 2021 07:04:09 GMT
server
cloudflare
etag
0x8D8BD11958F56CC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6f7ebce4-101e-0042-5cff-01f3f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d52cca265c20-FRA
pixel.gif
load77.exelator.com/ Frame AEC9
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=62320289127808541581693469639902101924
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=62320289127808541581693469639902101924&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
332 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eo.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-nzt
AcO1qhHc20T/1m0NAA
x-accel-expires
@1662557207
date
Mon, 05 Sep 2022 17:54:53 GMT
etag
"59f0c3fc-2b"
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
uMMs5+6w7/M
x-77-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-cache
HIT
x-age
880086
accept-ranges
bytes
x-77-pop
frankfurtDE
content-length
43

Redirect headers

date
Mon, 05 Sep 2022 17:54:53 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
162 B
198 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7460d52cdc51900a-FRA
date
Mon, 05 Sep 2022 17:54:53 GMT
vary
Accept-Encoding
content-type
text/javascript
modules.d5eb3c97b67a0b8958ff.js
script.hotjar.com/
251 KB
65 KB
Script
General
Full URL
https://script.hotjar.com/modules.d5eb3c97b67a0b8958ff.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1762303.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-101.fra6.r.cloudfront.net
Software
/
Resource Hash
4ca35ab6756046c8b94ea3bde35009f35f981bbcb8fa3e8937c6dd956a36b3e1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 09:50:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
288287
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
65509
access-control-allow-origin
*
last-modified
Fri, 02 Sep 2022 09:49:47 GMT
etag
"5a03435fb2b1019b1b00d7bc5c267f72"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
dUMp_I13hpYuX739i2ApCyBT7tL9UxT7HxHwol4uLZSzjkmDl05jgw==
bid
krk.kargo.com/api/v1/
2 B
650 B
XHR
General
Full URL
https://krk.kargo.com/api/v1/bid?json=%7B%22sessionId%22%3A%22f35080c3-8610-47d5-bebd-1372bdba1ad4%22%2C%22timeout%22%3A1000%2C%22adSlotIDs%22%3A%5B%22329d3376-430d-4ea7-aded-aaeee5e0c58c%22%5D%2C%22timestamp%22%3A1662400493581%2C%22userIDs%22%3A%7B%22kargoID%22%3A%22%22%2C%22clientID%22%3A%22%22%2C%22tdID%22%3A%22%22%2C%22idlEnv%22%3A%22%22%2C%22crbIDs%22%3A%7B%7D%2C%22optOut%22%3Afalse%2C%22usp%22%3Anull%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.207.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-207-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.eonline.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cygnus
htlb.casalemedia.com/
78 B
614 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=216607&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2262272176%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%22001%22%2C%22siteID%22%3A%22525280%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%22002%22%2C%22siteID%22%3A%22525280%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%22003%22%2C%22siteID%22%3A%22525280%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A66%2C%22ext%22%3A%7B%22sid%22%3A%22004%22%2C%22siteID%22%3A%22525280%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22at%22%3A1%7D
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f68de314a12a3636ff9d3026c4f5274e44ee4dd8893be7b1f006175ef2f28781

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUKjzERrh5zrJS985XfA6P8n%2Foc0pGFPJx14PGogiLTtzV3TQkxIKYYt%2BgCpc54zgFZLsPG8f%2BtUnNVzEr11BMvzFnRaQyR0vUGbmXdvAWoqhG0mtnRNQsXTpOG0l1htLtAQ3CW6"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7460d52d18459be2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
prebid
ib.adnxs.com/ut/v3/
53 B
737 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:53 GMT
X-Proxy-Origin
37.58.57.2; 37.58.57.2; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7e7dac33-ebd9-4e73-ad8a-c102cf848d29
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.eonline.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/
19 B
507 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?inv_code=EOnline_desktop_728x90_IX&lib=ix&size=728x90%2C970x250%2C970x66%2C970x90&referrer=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&v=2.1.2&tmax=1000
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:53 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
sofia.trustx.org/
61 B
368 B
XHR
General
Full URL
https://sofia.trustx.org/hb?auids=16971&u=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&pt=net&cb=window.headertag.TrustXHtb.adResponseCallbacks._xL55biW3&wtimeout=1000
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.168.6 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.168.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bcd84bdec4427d65b4388bc6bd79569e502275110da7ce5e9be26d3f64a79e89

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 05 Sep 2022 17:54:54 GMT
Server
nginx
Content-Type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
61
player.js
pdk.theplatform.com/pdk6/current/pdk/ Frame 8EBB
905 KB
244 KB
Script
General
Full URL
https://pdk.theplatform.com/pdk6/current/pdk/player.js
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/P7u___9JIdXC?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_de%26vcid2%3Dgytce3C3ThpSocruBjJJY%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.134.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3770e5d86e165b98783763fa56cdc1644259ce75daa0561263b9613ca627108d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 05 Sep 2022 17:54:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:39:26 GMT
Server
Apache
ETag
"16c70b-e23d6-5c467d7dfd780"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249805
smooth.css
pdk.theplatform.com/pdk6/current/pdk/skins/ Frame 8EBB
58 KB
11 KB
Stylesheet
General
Full URL
https://pdk.theplatform.com/pdk6/current/pdk/skins/smooth.css
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/P7u___9JIdXC?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_de%26vcid2%3Dgytce3C3ThpSocruBjJJY%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.134.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9298ad57b79ad1267dae11b3613ea779f763eebf484d84c21540b8ef4a99b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 05 Sep 2022 17:54:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:38:06 GMT
Server
Apache
ETag
"16c720-e6b7-5c467d31b2380"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10440
en.json
cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/b665559b-bcf1-4565-9c01-02bbd6f41d64/
105 KB
22 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/b665559b-bcf1-4565-9c01-02bbd6f41d64/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a72d2537dda12e0d4ae09cd36fe0c7f4e4a7707eb281643493777144c1c57f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BpDNwe1wyxhmOi30oRugKQ==
age
888
vary
Accept-Encoding
content-length
22233
x-ms-lease-status
unlocked
last-modified
Wed, 24 Mar 2021 18:48:41 GMT
server
cloudflare
etag
0x8D8EEF571D5F2E2
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
628abfa6-001e-0012-478a-2cecfa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d52d0a795c20-FRA
expires
Mon, 05 Sep 2022 21:54:53 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/
350 KB
50 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86abcf27cf5192ec6219333bfa420e42969d6c0ace395687dab2d3eaecdf1322
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
1Ij/+pDqScLVyemEzum+hw==
age
13853
vary
Accept-Encoding
content-length
51230
x-ms-lease-status
unlocked
last-modified
Mon, 05 Sep 2022 12:38:46 GMT
server
cloudflare
etag
0x8DA8F3B93AB32AA
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
52dc4fe4-c01e-016d-3226-c1349d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d52d0a7a5c20-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/6.12.0/
67 KB
15 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.12.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Origin
https://www.eonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zuNs8AMhreqmYWNqqh//eQ==
age
1835
vary
Accept-Encoding
content-length
14815
x-ms-lease-status
unlocked
last-modified
Wed, 20 Jan 2021 07:04:08 GMT
server
cloudflare
etag
0x8D8BD1194CBE1FA
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
80b942a8-101e-016f-1a8b-293667000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d52d0a7d5c20-FRA
box-1ada912494ba7fc7aca15fcef1c2a7ae.html
vars.hotjar.com/ Frame 6FD7
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1762303.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-113.fra60.r.cloudfront.net
Software
/
Resource Hash
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4699307
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 08:33:06 GMT
etag
"0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified
Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-id
F6nc5bVyOXkUaexPILkcVIkh3az5bM7W8lZ5W1zJqQb9bathGLk5hw==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
ibs:dpid=771&dpuuid=CAESEPn9JpPuDmAbVd46Y1e80J8&google_cver=1
dpm.demdex.net/ Frame AEC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjIzMjAyODkxMjc4MDg1NDE1ODE2OTM0Njk2Mzk5MDIxMDE5MjQ=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjIzMjAyODkxMjc4MDg1NDE1ODE2OTM0Njk2Mzk5MDIxMDE5MjQ=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPn9JpPuDmAbVd46Y1e80J8&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPn9JpPuDmAbVd46Y1e80J8&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
HTTP/1.1
Server
3.248.125.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-125-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eo.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v038-0ee6e918f.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ME2Ahc64SMo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPn9JpPuDmAbVd46Y1e80J8&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=796&dpuuid=l015a_7139955750289753352
dpm.demdex.net/ Frame AEC9
Redirect Chain
  • https://29773.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D
  • https://dpm.demdex.net/ibs:dpid=796&dpuuid=l015a_7139955750289753352
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=796&dpuuid=l015a_7139955750289753352
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
HTTP/1.1
Server
3.248.125.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-125-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eo.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v038-0a54615c3.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
FUxO2+yCSFw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:53 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Location
https://dpm.demdex.net/ibs:dpid=796&dpuuid=l015a_7139955750289753352
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
tile.jpg
pdk.theplatform.com/next/images/ Frame 8EBB
536 B
800 B
Image
General
Full URL
https://pdk.theplatform.com/next/images/tile.jpg
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/P7u___9JIdXC?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_de%26vcid2%3Dgytce3C3ThpSocruBjJJY%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.134.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
51ffb44c70721fd6063bb69e87bf7849b8bcfeeab08fe1a76b253cbba5c29b81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 05 Sep 2022 17:54:53 GMT
Last-Modified
Fri, 08 Mar 2019 21:31:28 GMT
Server
Apache
ETag
"13c221-218-5839bf2122c00"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
536
truncated
/ Frame 8EBB
847 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f02f4faf2063a112ddfcb5abb7c4af9568a1800dcea25a7d50e6b873422f3082

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 8EBB
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8ae83b9cdb1225c5e8c939b27f2832231d7cfd6961826fa2dfad808a1393637

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 8EBB
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ce44c403aeb19251dc26669bdb037eaca39296fd09af5758b867225f8c5d7f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 8EBB
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66ea8edb8663be45322c040cb3e46e5b32252daee0394c20a8816fecc29fdf1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 8EBB
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c13919d444c4492f8dc05ad884bf0801711d95c2797e57ac8cdb25f508ecf61

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8EBB
864 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71b00f7328f1f074db7eb9c6aad679fd218d38a68d1e2b089328a8b51b99c18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
current.js
sb.scorecardresearch.com/plugins/streaming-theplatform/v2/ Frame 8EBB
211 KB
54 KB
Script
General
Full URL
https://sb.scorecardresearch.com/plugins/streaming-theplatform/v2/current.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8ee725acb9b5e7f9b47cfe186b2fd300241912e7b2bc0e725cca2018c4d5619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:50 GMT
content-encoding
gzip
etag
W/"d66a3a4675b852d43a4b63cac8eff1aa"
last-modified
Fri, 26 Feb 2021 14:39:06 GMT
server
AmazonS3
age
56
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
iYn0suYvo0Inn51MZ8rtf1uYGX3cMHc25rQE2q_iQRQgMZimwas-XQ==
MoatPlugIn.js
z.moatads.com/the_platform_pdk_029384908/ Frame 8EBB
5 KB
2 KB
Script
General
Full URL
https://z.moatads.com/the_platform_pdk_029384908/MoatPlugIn.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a3bbc289bf959e8e83fa74f6f922f827cf7cea8596e2d87800d258c7642d6ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 15:09:30 GMT
server
AmazonS3
x-amz-request-id
8D39D312586B7FFF
etag
"565c54c8f052a6fd51524ec6233c87af"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2211
accept-ranges
bytes
content-length
2237
x-amz-id-2
QwZ7UWW3AxhxjJsULlODPg16Z1sVWgCEjNZG0Lc0yGPQKFTHf31oVmR86fPs9fNGTTAGgGrlrpc=
heartbeats_2_0_13.js
pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/ Frame 8EBB
273 KB
273 KB
Script
General
Full URL
https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.21.20.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-137.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5178686db7707415c14bc775aaee217d0a2eb716f4719e75dfd34aa59abc35bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 05 Sep 2022 17:54:53 GMT
Last-Modified
Thu, 04 Oct 2018 17:32:38 GMT
Server
AkamaiNetStorage
ETag
"b04f582946ff3bf7fe21c0531ba7382f:1538674358.768129"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
279053
nielsen-sdk-plugin-v2__763497.js
eonlinevideos.akamaized.net/transcoded/complete/ Frame 8EBB
17 KB
17 KB
Script
General
Full URL
https://eonlinevideos.akamaized.net/transcoded/complete/nielsen-sdk-plugin-v2__763497.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.188 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6dadeb4436aae22cabbcbf6ef123236a9a266d1eb336ec2bdfe2527c636ad8fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:53 GMT
Last-Modified
Wed, 08 Apr 2020 21:50:03 GMT
Server
AkamaiNetStorage
ETag
"6cc01b51e1c4f4845dbd7e2fcd9dab4a:1586382603"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Content-Length
16987
truncated
/ Frame 8EBB
46 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8228c5284b96616b8873d2985b9c7cf4f25e38c8e40237a01a7bb80c74ab114b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
P7u___9JIdXC
player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/ Frame 8EBB
19 KB
20 KB
Document
General
Full URL
https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/P7u___9JIdXC?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_de%26vcid2%3Dgytce3C3ThpSocruBjJJY%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.201 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.2) /
Resource Hash
e88bd0640adb21b0d98c9a04e3b08e0fedcdf1febef66a25728789743da1a690

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/html;charset=UTF-8
Date
Mon, 05 Sep 2022 17:54:54 GMT Mon, 05 Sep 2022 17:54:54 GMT
P3P
CP="CUR CUS NOI STA NAV PSAi OUR OTRo IND"
Server
Jetty(8.1.16.2)
X-Cache
MISS from player.theplatform.com:443
cdb
bidder.criteo.com/
217 B
460 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=128&profileId=154&cb=99134169243
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1e164f9bb49be93bb19775c1f7a4ce46152463c4ec1ef738bc56479c1754b395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 05 Sep 2022 17:54:52 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
190
otFlat.json
cdn.cookielaw.org/scripttemplates/6.12.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.12.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d105b0a793af6426ddf8c1ef8b26ae81d889617ef5f248a72e06b8c71d91e1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
IpszPceh6jWRl6sjS0PrYA==
age
3934
vary
Accept-Encoding
content-length
3212
x-ms-lease-status
unlocked
last-modified
Wed, 20 Jan 2021 07:04:01 GMT
server
cloudflare
etag
0x8D8BD1190DD964B
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
719c0086-401e-00d9-678a-2c7eca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d52ebd675c20-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.12.0/assets/v2/
45 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.12.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8604270f373497ce07708cc73163913f3e204ad0c655a7efe1baff345675c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
GnXyviRqBJ9J+P0JZdTpiw==
age
13147
vary
Accept-Encoding
content-length
11771
x-ms-lease-status
unlocked
last-modified
Wed, 20 Jan 2021 07:04:04 GMT
server
cloudflare
etag
0x8D8BD11927636AA
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
19510c05-401e-00f0-6bc0-110888000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d52ebd6d5c20-FRA
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=da96c8abfe2fcd128ba8227a8a7ddd&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l015a_7139955750289753352&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:54 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1662400493968024-429
Expires
Mon, 05 Sep 2022 17:54:54 GMT
ibs:dpid=1175&&dpuuid=6KAlwO2kcZLz93LF5_Y5kOzxJ8DzonCS6vfTAJYK
dpm.demdex.net/ Frame AEC9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=6KAlwO2kcZLz93LF5_Y5kOzxJ8DzonCS6vfTAJYK
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=6KAlwO2kcZLz93LF5_Y5kOzxJ8DzonCS6vfTAJYK
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
HTTP/1.1
Server
3.248.125.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-125-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eo.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v038-0b87c8cf8.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qJksoXCTS3I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=6KAlwO2kcZLz93LF5_Y5kOzxJ8DzonCS6vfTAJYK
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
PABAEA433-404F-4B0B-997C-0072538261F8.js
cdn-gl.imrworldwide.com/conf/ Frame 8EBB
42 KB
8 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/PABAEA433-404F-4B0B-997C-0072538261F8.js
Requested by
Host: eonlinevideos.akamaized.net
URL: https://eonlinevideos.akamaized.net/transcoded/complete/nielsen-sdk-plugin-v2__763497.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca6542a2754ea63b527802781dc4872704ebadaec9599ab392bf54139e4c5d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
EqvblAJHdowJSCURCt5iwYRAoOqLjEOT
content-encoding
gzip
etag
W/"f0140e30c75683bfa8eb49a02c5664f9"
last-modified
Mon, 05 Sep 2022 13:18:11 GMT
server
AmazonS3
age
3475
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Mon, 05 Sep 2022 16:57:20 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
7OuhTMgsJ1xQ6O-UtfvOE8SRbh1-HlXRK0aWUpKTbbwNA1BVrKlyLw==
visit-data
in.hotjar.com/api/v2/client/sites/1762303/
556 B
700 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1762303/visit-data?sv=6
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.255.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-255-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
56bdfa4dcec9c4bce6bf00e2566c8c2013d9d5ef34e855d3469f1f675577e454

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 17:54:53 GMT
access-control-allow-credentials
true
content-length
556
access-control-max-age
86400
content-type
text/html
e-online.xml
comcastentertainmentgroup.hb.omtrdc.net/settings/ Frame 8EBB
228 B
522 B
XHR
General
Full URL
https://comcastentertainmentgroup.hb.omtrdc.net/settings/e-online.xml?r=1662400493920
Requested by
Host: pmd205470tn-a.akamaihd.net
URL: https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Aug 2022 12:10:28 GMT
server
jag
etag
"27000182b0dcab20"
access-control-allow-methods
GET, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
228
x-xss-protection
1; mode=block
P7u___9JIdXC
link.theplatform.com/s/BdHJDC/media/ Frame 8EBB
0
0

truncated
/ Frame 8EBB
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
740c91d53d19d6530c4fdfd1053776f65e428b06de45616b723a4673c90b68d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
events
bidder.criteo.com/csm/
0
216 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
cygnus
htlb.casalemedia.com/
78 B
591 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=216607&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2245171283%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%22009%22%2C%22siteID%22%3A%22525283%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%220010%22%2C%22siteID%22%3A%22525283%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22at%22%3A1%7D
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4025aa5c443d60ddab42e40387641ef8a954e3ec923e01abf1cfb2cdf778028

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CO4ANan%2FgJ452OPQKX9pwPXNlkfYv3maNtExrxVaADgt%2F0WWKT8PfxJbxcC04avacr09O2t4xmbBOnr8WDFkdFs4t98kTNi1%2BZd6PQKPoELbhGKkeI5FN0c69b0DIAzR47SO6cRj"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7460d52f79b89a03-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
hb
sofia.trustx.org/
61 B
368 B
XHR
General
Full URL
https://sofia.trustx.org/hb?auids=16965&u=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&pt=net&cb=window.headertag.TrustXHtb.adResponseCallbacks._ESUknVbY&wtimeout=1000
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.168.6 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.168.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4a993da871b23faa0b2873a1a6afcdc53c8ce36c27e18164a171509274d7b89

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 05 Sep 2022 17:54:54 GMT
Server
nginx
Content-Type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
61
prebid
ib.adnxs.com/ut/v3/
53 B
737 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:53 GMT
X-Proxy-Origin
37.58.57.2; 37.58.57.2; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1646588a-4948-4aca-928b-318d2bcd4739
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.eonline.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
krk.kargo.com/api/v1/
2 B
678 B
XHR
General
Full URL
https://krk.kargo.com/api/v1/bid?json=%7B%22sessionId%22%3A%22f35080c3-8610-47d5-bebd-1372bdba1ad4%22%2C%22timeout%22%3A1000%2C%22adSlotIDs%22%3A%5B%22c5d2decc-cfb8-42c5-9a56-0a7ed6ee47a4%22%5D%2C%22timestamp%22%3A1662400493984%2C%22userIDs%22%3A%7B%22kargoID%22%3A%22%22%2C%22clientID%22%3A%22%22%2C%22tdID%22%3A%22%22%2C%22idlEnv%22%3A%22%22%2C%22crbIDs%22%3A%7B%7D%2C%22optOut%22%3Afalse%2C%22usp%22%3Anull%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.207.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-207-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.eonline.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
auction
tlx.3lift.com/header/
19 B
506 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?inv_code=EOnline_desktop_300x250_IX&lib=ix&size=300x250%2C300x600&referrer=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&v=2.1.2&tmax=1000
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:54 GMT
accept-ch
sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/
193 B
444 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=128&profileId=154&cb=36203374451
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5d4ce03723f1c442952bfc8cbf03426ff576bfd16d6d87da5cd83f111951a804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
175
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ Frame 8EBB
195 KB
55 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PABAEA433-404F-4B0B-997C-0072538261F8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding
gzip
etag
W/"81a9e2a298d0019660cb2966f0c24748"
age
1682
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 17:26:52 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
zEOagmje18squfovsqstGgA6HaDHWbkxddv7pZsFB36L4bFscVD6oA==
ibs:dpid=796&dpuuid=l015a_7139955750289753352&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame AEC9
Redirect Chain
  • https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=796&dpuuid=l015a_7139955750289753352&gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=796&dpuuid=l015a_7139955750289753352&gdpr=0&gdpr_consent=
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
HTTP/1.1
Server
3.248.125.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-125-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eo.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v038-09764aab8.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
riOutQ6kS3M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:54 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Location
https://dpm.demdex.net/ibs:dpid=796&dpuuid=l015a_7139955750289753352&gdpr=0&gdpr_consent=
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
events
bidder.criteo.com/csm/
0
216 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 17:54:53 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 1FBE
12 KB
4 KB
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://player.theplatform.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2119
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 05 Sep 2022 17:19:36 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-id
HebVga59f82dbRKm0bNStGDNPXwF3S5sVa1rK4hDMFMC4-GhmDv3Vw==
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache
Hit from cloudfront
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 1FBE
44 B
597 B
Image
General
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PABAEA433-404F-4B0B-997C-0072538261F8&sessionId=2dwbpyqha9wzrlqgjtvbtrhe9ftar1662400494&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.181.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-181-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:54 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
2dwbpyqha9wzrlqgjtvbtrhe9ftar1662400494.nuid.imrworldwide.com/ Frame 1FBE
35 B
351 B
Image
General
Full URL
https://2dwbpyqha9wzrlqgjtvbtrhe9ftar1662400494.nuid.imrworldwide.com/
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:be00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:26:44 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
55691
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
35
x-amz-cf-id
Zk9ZU8vlrtQLvt4zHxnAGKeJ8ixu8OxNx0YWxeZPgP7r2I0_TVKsLw==
player.js
pdk.theplatform.com/pdk6/current/pdk/ Frame 8EBB
905 KB
244 KB
Script
General
Full URL
https://pdk.theplatform.com/pdk6/current/pdk/player.js
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/P7u___9JIdXC?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_de%26vcid2%3Dgytce3C3ThpSocruBjJJY%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.134.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3770e5d86e165b98783763fa56cdc1644259ce75daa0561263b9613ca627108d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 05 Sep 2022 17:54:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:39:26 GMT
Server
Apache
ETag
"16c70b-e23d6-5c467d7dfd780"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249805
headerstats
as-sec.casalemedia.com/
0
498 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=216607&u=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&v=3
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGShyRGmsRcgEgYfvwL4ad8zoOoWJ4bzHgwsjH8PT0MRBTDkcTWOI2gQWutWJ58h2tiShd2Ik7Mg1ca%2Bjm9TYF5UvwQKAiffXbLqC0vi3mqGoKjInDkotdb%2FcPbqeVdJqPdb9vrD2uw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7460d5317f6590d6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
smooth.css
pdk.theplatform.com/pdk6/current/pdk/skins/ Frame 8EBB
58 KB
11 KB
Stylesheet
General
Full URL
https://pdk.theplatform.com/pdk6/current/pdk/skins/smooth.css
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/P7u___9JIdXC?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_de%26vcid2%3Dgytce3C3ThpSocruBjJJY%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.134.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9298ad57b79ad1267dae11b3613ea779f763eebf484d84c21540b8ef4a99b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 05 Sep 2022 17:54:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:38:06 GMT
Server
Apache
ETag
"16c720-e6b7-5c467d31b2380"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10440
tile.jpg
pdk.theplatform.com/next/images/ Frame 8EBB
536 B
800 B
Image
General
Full URL
https://pdk.theplatform.com/next/images/tile.jpg
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/P7u___9JIdXC?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_de%26vcid2%3Dgytce3C3ThpSocruBjJJY%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.134.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
51ffb44c70721fd6063bb69e87bf7849b8bcfeeab08fe1a76b253cbba5c29b81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 05 Sep 2022 17:54:54 GMT
Last-Modified
Fri, 08 Mar 2019 21:31:28 GMT
Server
Apache
ETag
"13c221-218-5839bf2122c00"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
536
truncated
/ Frame 8EBB
46 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8228c5284b96616b8873d2985b9c7cf4f25e38c8e40237a01a7bb80c74ab114b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 8EBB
847 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f02f4faf2063a112ddfcb5abb7c4af9568a1800dcea25a7d50e6b873422f3082

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 8EBB
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8ae83b9cdb1225c5e8c939b27f2832231d7cfd6961826fa2dfad808a1393637

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 8EBB
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ce44c403aeb19251dc26669bdb037eaca39296fd09af5758b867225f8c5d7f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 8EBB
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66ea8edb8663be45322c040cb3e46e5b32252daee0394c20a8816fecc29fdf1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 8EBB
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c13919d444c4492f8dc05ad884bf0801711d95c2797e57ac8cdb25f508ecf61

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8EBB
864 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71b00f7328f1f074db7eb9c6aad679fd218d38a68d1e2b089328a8b51b99c18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
current.js
sb.scorecardresearch.com/plugins/streaming-theplatform/v2/ Frame 8EBB
211 KB
54 KB
Script
General
Full URL
https://sb.scorecardresearch.com/plugins/streaming-theplatform/v2/current.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8ee725acb9b5e7f9b47cfe186b2fd300241912e7b2bc0e725cca2018c4d5619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:50 GMT
content-encoding
gzip
etag
W/"d66a3a4675b852d43a4b63cac8eff1aa"
last-modified
Fri, 26 Feb 2021 14:39:06 GMT
server
AmazonS3
age
57
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
DR3zhqJPJ8FqYXbCDT8CdN3sIxNI0MW9H9-8bXZRvtujTyrbfYjtrQ==
MoatPlugIn.js
z.moatads.com/the_platform_pdk_029384908/ Frame 8EBB
5 KB
2 KB
Script
General
Full URL
https://z.moatads.com/the_platform_pdk_029384908/MoatPlugIn.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a3bbc289bf959e8e83fa74f6f922f827cf7cea8596e2d87800d258c7642d6ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
date
Mon, 05 Sep 2022 17:54:54 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 15:09:30 GMT
server
AmazonS3
x-amz-request-id
8D39D312586B7FFF
etag
"565c54c8f052a6fd51524ec6233c87af"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=60540
accept-ranges
bytes
content-length
2237
x-amz-id-2
QwZ7UWW3AxhxjJsULlODPg16Z1sVWgCEjNZG0Lc0yGPQKFTHf31oVmR86fPs9fNGTTAGgGrlrpc=
heartbeats_2_0_13.js
pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/ Frame 8EBB
273 KB
273 KB
Script
General
Full URL
https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.21.20.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-137.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5178686db7707415c14bc775aaee217d0a2eb716f4719e75dfd34aa59abc35bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 05 Sep 2022 17:54:54 GMT
Last-Modified
Thu, 04 Oct 2018 17:32:38 GMT
Server
AkamaiNetStorage
ETag
"b04f582946ff3bf7fe21c0531ba7382f:1538674358.768129"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
279053
nielsen-sdk-plugin-v2__763497.js
eonlinevideos.akamaized.net/transcoded/complete/ Frame 8EBB
17 KB
17 KB
Script
General
Full URL
https://eonlinevideos.akamaized.net/transcoded/complete/nielsen-sdk-plugin-v2__763497.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.188 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6dadeb4436aae22cabbcbf6ef123236a9a266d1eb336ec2bdfe2527c636ad8fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:54 GMT
Last-Modified
Wed, 08 Apr 2020 21:50:03 GMT
Server
AkamaiNetStorage
ETag
"6cc01b51e1c4f4845dbd7e2fcd9dab4a:1586382603"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Content-Length
16987
PABAEA433-404F-4B0B-997C-0072538261F8.js
cdn-gl.imrworldwide.com/conf/ Frame 8EBB
42 KB
8 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/PABAEA433-404F-4B0B-997C-0072538261F8.js
Requested by
Host: eonlinevideos.akamaized.net
URL: https://eonlinevideos.akamaized.net/transcoded/complete/nielsen-sdk-plugin-v2__763497.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca6542a2754ea63b527802781dc4872704ebadaec9599ab392bf54139e4c5d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
EqvblAJHdowJSCURCt5iwYRAoOqLjEOT
content-encoding
gzip
etag
W/"f0140e30c75683bfa8eb49a02c5664f9"
last-modified
Mon, 05 Sep 2022 13:18:11 GMT
server
AmazonS3
age
3476
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Mon, 05 Sep 2022 16:57:20 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
a7810EjsAQlf1-aPI619KtYf6VC8x2MQ5dGj0ChkYxoQbD7R0HkPDQ==
e-online.xml
comcastentertainmentgroup.hb.omtrdc.net/settings/ Frame 8EBB
228 B
312 B
XHR
General
Full URL
https://comcastentertainmentgroup.hb.omtrdc.net/settings/e-online.xml?r=1662400494409
Requested by
Host: pmd205470tn-a.akamaihd.net
URL: https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Aug 2022 12:10:28 GMT
server
jag
etag
"27000182b0dcab20"
access-control-allow-methods
GET, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
228
x-xss-protection
1; mode=block
P7u___9JIdXC
link.theplatform.com/s/BdHJDC/media/ Frame 8EBB
3 KB
4 KB
XHR
General
Full URL
https://link.theplatform.com/s/BdHJDC/media/P7u___9JIdXC?csid=e_online_vod_de&vcid2=gytce3C3ThpSocruBjJJY&_fw_h_referer=www.eonline.com&fw_gdpr=1&_fw_us_privacy=1---&gdpr_consent=CPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&player=E%21+Online+Video+Player&policy=155289502&format=SMIL&tracking=true&formats=MPEG-DASH+widevine,M3U+appleHlsEncryption,M3U+none,MPEG-DASH+none,MPEG4,MP3&vpaid=script&schema=2.0&sdk=PDK+6.4.9
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.52.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-52-143.compute-1.amazonaws.com
Software
openresty/1.15.8.3 /
Resource Hash
2a3553875545c42d7b44d945a4d1b90b71bd41b62da45ce6adf021aec6d71374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:54 GMT
Server
openresty/1.15.8.3
X-Cache
MISS from link.theplatform.com:443
Content-Type
application/smil; charset=UTF-8
Access-Control-Allow-Origin
https://player.theplatform.com
Access-Control-Expose-Headers
date
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3376
truncated
/ Frame 8EBB
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
740c91d53d19d6530c4fdfd1053776f65e428b06de45616b723a4673c90b68d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ Frame 8EBB
195 KB
55 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PABAEA433-404F-4B0B-997C-0072538261F8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding
gzip
etag
W/"81a9e2a298d0019660cb2966f0c24748"
age
1683
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 17:26:52 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
PyY_qpix-eJOzM29ylVBboZgLk7re0W0vyfC2XahBiGTsP-IrbY3og==
headerstats
as-sec.casalemedia.com/
0
504 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=216607&u=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&v=3
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.49a99ac1e0810dd84345.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwjzDKba4qlI9DGfkaXuTZ7rqxr6qfc6tN0X08T4Ahjw6%2F1zWvNhhsWAhKGZpjvT%2FIx3tdKI1XP%2F1w7i2CF%2BPIhkcS62rD5FHaV4IAY%2BGPPdhcny%2FnLKx977N9jQ5TdxGYiPAprVqSo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7460d5323ada9be8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 2F26
12 KB
4 KB
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://player.theplatform.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2119
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 05 Sep 2022 17:19:36 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-id
ZIwn_FbUHZP0MoZ46TBUZvWsykgmuHOIUndwusPzsbux2XOPo_uHNg==
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache
Hit from cloudfront
global.js
www.nbcudigitaladops.com/hosted/
1 KB
895 B
Script
General
Full URL
https://www.nbcudigitaladops.com/hosted/global.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.242.66 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-242-66.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
be103e7cd3fbcc3964b55a59a948464f6357f089b29389855941c0c004c3755f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:54 GMT
Content-Encoding
gzip
Server
AkamaiNetStorage
ETag
"ecab88c59016ef9d08fdc7db983ade44:1375295665"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=10806320
Connection
keep-alive
Content-Length
595
moatcontent.js
z.moatads.com/nbcu194EPtQ90/
0
268 B
Script
General
Full URL
https://z.moatads.com/nbcu194EPtQ90/moatcontent.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
date
Mon, 05 Sep 2022 17:54:54 GMT
last-modified
Wed, 26 Oct 2016 23:04:33 GMT
server
AmazonS3
x-amz-request-id
907196956CD4A293
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
application/x-javascript
cache-control
max-age=24326
accept-ranges
bytes
content-length
0
x-amz-id-2
sUbdEv9f8Gz2hS/MoasybNgALE6QHdzSSgxGL0PonM88ZvZUJPMbmEPN2Ge+pr6g+CpmqfmZ+fA=
/
d28nxrgt4y7pn6.cloudfront.net/
43 B
523 B
Image
General
Full URL
https://d28nxrgt4y7pn6.cloudfront.net/?a=1212b7832905405abe5afd281711940f
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-160.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:55 GMT
Via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
Last-Modified
Mon, 22 Apr 2013 19:31:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache
RefreshHit from cloudfront
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
LE2WB-29pZ2LdjsfIrpq329qvDFqQVhwjr8mrNFjoeqVWJNpDRzRng==
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 2F26
44 B
597 B
Image
General
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PABAEA433-404F-4B0B-997C-0072538261F8&sessionId=b8sik9eqloqwbfrbmmv9xkki4walz1662400494&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.181.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-181-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:54 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
b8sik9eqloqwbfrbmmv9xkki4walz1662400494.nuid.imrworldwide.com/ Frame 2F26
35 B
350 B
Image
General
Full URL
https://b8sik9eqloqwbfrbmmv9xkki4walz1662400494.nuid.imrworldwide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:be00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:26:44 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
55691
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
35
x-amz-cf-id
Ya2o9o_wSDtS10ODVP2sVqwZYP4ObnOQG3s8THUF92IBbl6GEKso4Q==
SwdHfX0qN276,pwvHOHSDRVz9,3d0j87vL_f2a,fxj9COeKs3dL,_Y_gYyT0rGay,kW7gAGELAvZK,m09xcZSwC9rD.meta
east.manifest.na.theplatform.com/m/BdHJDC/ Frame 8EBB
14 KB
3 KB
XHR
General
Full URL
https://east.manifest.na.theplatform.com/m/BdHJDC/SwdHfX0qN276,pwvHOHSDRVz9,3d0j87vL_f2a,fxj9COeKs3dL,_Y_gYyT0rGay,kW7gAGELAvZK,m09xcZSwC9rD.meta?sid=4744f8c2-21c4-469a-9bf8-bfc23e66b809&policy=162969533&date=1662400494626&ip=37.58.57.2&schema=1.1&manifest=M3U&tracking=true&csid=e_online_vod_de&_fw_us_privacy=1---&vcid2=gytce3C3ThpSocruBjJJY&_fw_h_referer=www.eonline.com&gdpr_consent=CPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&vpaid=script&fw_gdpr=1&sdk=PDK+6.4.9&player=E%21+Online+Video+Player&sig=e99147893a4ce644014b391f8b23cf9b7e04609ce5a8ca5c959fdf33e35ac09c
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.198 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.TP-SNAPSHOT) /
Resource Hash
bc06789c6cdf91976b1099dc7e99dcd456273c83a69556d79e749c4cfd3c9f5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:55 GMT, Mon, 05 Sep 2022 17:54:55 GMT
Content-Encoding
gzip
Server
Jetty(8.1.16.TP-SNAPSHOT)
Content-Type
application/x-mpegURL;charset=UTF-8
Access-Control-Allow-Origin
https://player.theplatform.com
Access-Control-Expose-Headers
date
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Length
3008
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/
44 B
596 B
Image
General
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=us-800148&ch=us-800148_c22_article-detail_P&asn=article-detail&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=gp8o5ztgz1sxpyw37adjfdyxxljxn1662400493&prv=1&c6=vc,c22&ca=NA&c13=asid,P7B7DDF6C-EBA7-42BE-BEF2-232D0A48C49A&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,pehfpoz4zzanjdmejmsygqbu4bopg1662400493&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16624004931852714&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=article-1343461&c3=st,c&c64=starttm,1662400494&adid=article-1343461&c58=isLive,false&c59=sesid,&c61=createtm,1662400495&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&c66=mediaurl,&sdd=&c62=sendTime,1662400495&rnd=629144
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.181.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-181-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:55 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
1
29773.v.fwmrm.net/ad/l/ Frame 8EBB
0
280 B
Image
General
Full URL
https://29773.v.fwmrm.net/ad/l/1?s=o189c&n=169843%3B169843%3B171224%3B187827%3B188286%3B375524%3B375613%3B375617%3B375620%3B376521%3B378491%3B378678%3B378841%3B379619%3B382283%3B382314%3B382315%3B384777%3B386329%3B505334%3B511664%3B512116%3B516448&t=1662400495309478155&f=786432&cn=slotImpression&et=i&tpos=0&init=1&slid=0,1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:4d5e:ab92:54cb:6c57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:54:55 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
s56509539464191
swa.eonline.com/b/ss/comcastegeonlineglobaldev/1/JS-2.2.0/ Frame 8EBB
43 B
209 B
Image
General
Full URL
https://swa.eonline.com/b/ss/comcastegeonlineglobaldev/1/JS-2.2.0/s56509539464191?AQB=1&ndh=1&pf=1&t=5%2F8%2F2022%2017%3A54%3A55%201%200&vid=HBCWA2616162110&ce=UTF-8&pageName=E%21%20Online%20Video%20Player&g=https%3A%2F%2Fplayer.theplatform.com%2Fp%2FBdHJDC%2Fpdk6PocStable%2Fselect%2Fmedia%2FP7u___9JIdXC%3Fform%3Dhtml%26playAll%3Dtrue%26playIndex%3Dfirst%26autoPlay%3Dtrue%26logLevel%3Dnone%26params%3Dcsid%253De_online_vod_de%2526vcid2%253Dgytce3C3ThpSocruBjJJY%2526_fw_h_referer%253Dwww.eonline.com%2526fw_gdpr%253D&r=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&c.&globalDataType=com.theplatform.pdk.data%3A%3APdkEvent&data=%5Bobject%20Object%5D&type=OnReleaseStart&timestamp=1913.2999992370605&scope=player&showName=E%21%20News%20Now&a.&contentType=VOD%20Clip&media.&name=343714&friendlyName=Kylie%20Jenner%20Claps%20Back%20at%20Lip%20Critics%20on%20TikTok&length=102&playerName=E%21%20Online%20Video%20Player&channel=On-Domain&view=true&vsid=1662400495786132013947&.media&.a&.c&pe=ms_s&pev3=video&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=746&bh=419&-g=1%2526_fw_us_privacy%253D1---%2526gdpr_consent%253DCPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA%23playerurl%3Dhttps%253A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&mcorgid=B3ABA272551949410A4C98A2%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Sep 2022 17:54:55 GMT
server
jag
etag
3569977879708729344-4619711828301091160
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 04 Sep 2022 17:54:55 GMT
truncated
/ Frame 8EBB
618 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d98e3cc3bb3c63f05e3cf21aa2e94a7ac9336965139d954d2df250d125564d1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 1A1A
44 KB
16 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/2620/ca-video-pub-5672557457834454-tag%26description_url%3Dhttp%253A%252F%252Fwww.eonline.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26max_ad_duration%3D15000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8cbe512987770fc4cb5f8caf77683e9a274ae3c60987abecf91ad6f78fc869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16258
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 20:45:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Mon, 05 Sep 2022 17:59:51 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1A1A
376 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/2620/ca-video-pub-5672557457834454-tag%26description_url%3Dhttp%253A%252F%252Fwww.eonline.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26max_ad_duration%3D15000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 17:54:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A1A
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.4419385065335353&wt=1662400496009&sdkv=h.3.528.0&xai=undefined&url=2,https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/2620/ca-video-pub-5672557457834454-tag%26description_url%3Dhttp%253A%252F%252Fwww.eonline.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26max_ad_duration%3D15000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SwdHfX0qN276,pwvHOHSDRVz9,3d0j87vL_f2a,fxj9COeKs3dL,_Y_gYyT0rGay,kW7gAGELAvZK,m09xcZSwC9rD.m3u8
east.manifest.na.theplatform.com/m/BdHJDC/ Frame 8EBB
6 KB
2 KB
XHR
General
Full URL
https://east.manifest.na.theplatform.com/m/BdHJDC/SwdHfX0qN276,pwvHOHSDRVz9,3d0j87vL_f2a,fxj9COeKs3dL,_Y_gYyT0rGay,kW7gAGELAvZK,m09xcZSwC9rD.m3u8?sid=4744f8c2-21c4-469a-9bf8-bfc23e66b809&policy=162969533&date=1662400494626&ip=37.58.57.2&schema=1.1&manifest=M3U&tracking=true&csid=e_online_vod_de&_fw_us_privacy=1---&vcid2=gytce3C3ThpSocruBjJJY&_fw_h_referer=www.eonline.com&gdpr_consent=CPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&vpaid=script&fw_gdpr=1&sdk=PDK+6.4.9&player=E%21+Online+Video+Player&sig=022045dbe6e268e91924a5b7e885677ada10783be10978846bf0d57ecdeb5c49
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.198 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.TP-SNAPSHOT) /
Resource Hash
685ca148d764b719d48634f9702be09985a2d9c870ad71cfb1176e04805e1970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:56 GMT, Mon, 05 Sep 2022 17:54:56 GMT
Content-Encoding
gzip
Server
Jetty(8.1.16.TP-SNAPSHOT)
Content-Type
application/x-mpegURL;charset=UTF-8
Access-Control-Allow-Origin
https://player.theplatform.com
Access-Control-Expose-Headers
date
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
close
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 52A5
637 KB
206 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
27343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 10:19:13 GMT
expires
Tue, 05 Sep 2023 10:19:13 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 1A1A
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 17:54:56 GMT
/
comcastentertainmentgroup.hb.omtrdc.net/ Frame 8EBB
0
16 B
XHR
General
Full URL
https://comcastentertainmentgroup.hb.omtrdc.net/?s:sc:rsid=comcastegeonlineglobaldev&s:sc:tracking_server=swa.eonline.com&h:sc:ssl=1&s:user:id=HBCWA2616162110&s:sp:ovp=theplatform&s:sp:sdk=mpx-javascript-player-sdk&s:sp:channel=On-Domain&s:sp:player_name=E!%20Online%20Video%20Player&s:sp:hb_version=js-n-1.6.9.113-3dff70&l:sp:hb_api_lvl=4&s:event:sid=1662400495786132013947&s:event:type=start&l:event:duration=0&l:event:playhead=0&l:event:ts=1662400495790&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Kylie%20Jenner%20Claps%20Back%20at%20Lip%20Critics%20on%20TikTok&s:asset:video_id=343714&s:asset:publisher=E!%2BOnline&l:asset:length=102&s:stream:type=VOD%20Clip&l:stream:bitrate=0&l:stream:fps=0&l:stream:dropped_frames=0&l:stream:startup_time=0&s:meta:globalDataType=com.theplatform.pdk.data%3A%3APdkEvent&s:meta:data=%5Bobject%20Object%5D&s:meta:type=OnReleaseStart&s:meta:timestamp=1913.2999992370605&s:meta:scope=player&s:meta:showName=E!%20News%20Now
Requested by
Host: pmd205470tn-a.akamaihd.net
URL: https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 17:54:56 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
/
comcastentertainmentgroup.hb.omtrdc.net/ Frame 8EBB
0
39 B
XHR
General
Full URL
https://comcastentertainmentgroup.hb.omtrdc.net/?s:sc:rsid=comcastegeonlineglobaldev&s:sc:tracking_server=swa.eonline.com&h:sc:ssl=1&s:user:id=HBCWA2616162110&s:sp:ovp=theplatform&s:sp:sdk=mpx-javascript-player-sdk&s:sp:channel=On-Domain&s:sp:player_name=E!%20Online%20Video%20Player&s:sp:hb_version=js-n-1.6.9.113-3dff70&l:sp:hb_api_lvl=4&s:event:sid=1662400495786132013947&s:event:type=aa_start&l:event:duration=0&l:event:playhead=0&l:event:ts=1662400495799&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Kylie%20Jenner%20Claps%20Back%20at%20Lip%20Critics%20on%20TikTok&s:asset:video_id=343714&s:asset:publisher=E!%2BOnline&l:asset:length=102&s:stream:type=VOD%20Clip&l:stream:bitrate=0&l:stream:fps=0&l:stream:dropped_frames=0&l:stream:startup_time=0
Requested by
Host: pmd205470tn-a.akamaihd.net
URL: https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 17:54:56 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
ads
pagead2.googlesyndication.com/gampad/ Frame 52A5
124 B
125 B
XHR
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F2620%2Fca-video-pub-5672557457834454-tag&description_url=http%3A%2F%2Fwww.eonline.com&tfcd=0&npa=0&sz=640x480&max_ad_duration=15000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=0&vpa=click&type=js&vad_type=linear&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.528.0%2Fvpaid_adapter&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=3312499870&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&sid=5D237D4D-E800-4AC0-A9BC-C016CCADEE13&nel=0&eid=44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&dlt=1662400495911&idt=382&dt=1662400496634&correlator=3014400284947457&scor=2587624005704233&ged=ve4_td1_tt1_pd1_la1000_er0.0.419.746_vi0.0.419.746_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:54:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
eol_empty_feed
feed.theplatform.com/f/BdHJDC/ Frame 8EBB
79 B
456 B
XHR
General
Full URL
https://feed.theplatform.com/f/BdHJDC/eol_empty_feed?form=JSON&params=policy%3D155289502%26csid%3De_online_vod_de%26vcid2%3Dgytce3C3ThpSocruBjJJY%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&linkUrl=https%3A%2F%2Fplayer.theplatform.com%2Fp%2FBdHJDC%2Fpdk6PocStable%2Fselect%2Fmedia%2F%7BmediaPid%7D%3Fparams%3Dcsid%253De_online_vod_de%2526vcid2%253Dgytce3C3ThpSocruBjJJY%2526_fw_h_referer%253Dwww.eonline.com%2526fw_gdpr%253D1%2526_fw_us_privacy%253D1---%2526gdpr_consent%253DCPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA%26logLevel%3Dnone%26autoPlay%3Dtrue%26playAll%3Dtrue&schema=1.10.0&types=none&count=true&omitInvalidFields=true&byContent=byFormat%3DMPEG-DASH%7CM3U%7CMPEG4%7CMP3&range=1-10&fields=id,author,content,defaultThumbnailUrl,description,pubDate,title&fileFields=bitrate,duration,format,url
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.188 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.2) /
Resource Hash
651f81f329d26befc82b25bdae5b27bb281e8227644fd985ff8bcf77ede4fd61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:57 GMT
Last-Modified
Mon, 05 Sep 2022 17:54:57 GMT
Server
Jetty(8.1.16.2)
X-Cache
MISS from feed.theplatform.com
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
date
Access-Control-Allow-Credentials
true
Content-Length
79
Expires
Mon, 05 Sep 2022 17:59:57 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/
44 B
596 B
Image
General
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=us-800148&ch=us-800148_c22_article-detail_P&asn=article-detail&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=gp8o5ztgz1sxpyw37adjfdyxxljxn1662400493&prv=1&c6=vc,c22&ca=NA&c13=asid,P7B7DDF6C-EBA7-42BE-BEF2-232D0A48C49A&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=D&c9=devid,&enc=true&c1=nuid,pehfpoz4zzanjdmejmsygqbu4bopg1662400493&at=timer&rt=text&c16=sdkv,bj.6.0.0&c27=cln,2&crs=&lat=&lon=&c29=plid,16624004931852714&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=article-1343461&c3=st,c&c64=starttm,1662400494&adid=article-1343461&c58=isLive,false&c59=sesid,&c61=createtm,1662400496&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=1&si=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&c66=mediaurl,&sdd=&c62=sendTime,1662400496&rnd=421731
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.181.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-181-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.eonline.com/ca/news/1343461/kylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:54:56 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
7.m3u8
east.manifest.na.theplatform.com/m/BdHJDC/SwdHfX0qN276,pwvHOHSDRVz9,3d0j87vL_f2a,fxj9COeKs3dL,_Y_gYyT0rGay,kW7gAGELAvZK,m09xcZSwC9rD/ Frame 8EBB
4 KB
1 KB
XHR
General
Full URL
https://east.manifest.na.theplatform.com/m/BdHJDC/SwdHfX0qN276,pwvHOHSDRVz9,3d0j87vL_f2a,fxj9COeKs3dL,_Y_gYyT0rGay,kW7gAGELAvZK,m09xcZSwC9rD/7.m3u8?sid=4744f8c2-21c4-469a-9bf8-bfc23e66b809&policy=162969533&date=1662400497245&ip=37.58.57.2&schema=1.1&cid=6bcedddc-9e1d-4a78-8057-4c58418f1c2d&host=eonlinetc-vh.akamaihd.net&meta=false&manifest=M3U&_fw_us_privacy=1---&csid=e_online_vod_de&vcid2=gytce3C3ThpSocruBjJJY&_fw_h_referer=www.eonline.com&gdpr_consent=CPe3i9KPe3i9KAcABBENCfCgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&tracking=true&vpaid=script&fw_gdpr=1&sdk=PDK+6.4.9&player=E%21+Online+Video+Player&sig=ee4989d317bd7d7531dc876790c9b7ef67f8ddca72c4fd28a5da78667d92241e
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.198 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.TP-SNAPSHOT) /
Resource Hash
525740a1712bcee1babc58e1d53f2ebf1ad62a9a55e511cd5c21557085381f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:54:57 GMT, Mon, 05 Sep 2022 17:54:57 GMT
Content-Encoding
gzip
Server
Jetty(8.1.16.TP-SNAPSHOT)
Content-Type
application/x-mpegURL;charset=UTF-8
Access-Control-Allow-Origin
https://player.theplatform.com
Access-Control-Expose-Headers
date
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Length
898
Expires
Thu, 01 Jan 1970 00:00:00 GMT
segment1_6_av.ts
eonlinetc-vh.akamaihd.net/i/transcoded/complete/343714/wochit_20220822_jenner_343714_,30,40,20,12,8,4,3,00000.mp4.csmil/ Frame 8EBB
Redirect Chain
  • https://redirect.manifest.theplatform.com/r/BdHJDC/SwdHfX0qN276,pwvHOHSDRVz9,3d0j87vL_f2a,fxj9COeKs3dL,_Y_gYyT0rGay,kW7gAGELAvZK,m09xcZSwC9rD/aHR0cHM6Ly9lb25saW5ldGMtdmguYWthbWFpaGQubmV0L2kvdHJhbnN...
  • https://eonlinetc-vh.akamaihd.net/i/transcoded/complete/343714/wochit_20220822_jenner_343714_,30,40,20,12,8,4,3,00000.mp4.csmil/segment1_6_av.ts?null=0&_alid_=MsnmywblCMpmXn5kAasR1Q==
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
player.theplatform.com
URL
https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/P7u___9JIdXC?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=fw_gdpr%3D0
Domain
link.theplatform.com
URL
https://link.theplatform.com/s/BdHJDC/media/P7u___9JIdXC?csid=e_online_vod_de&vcid2=gytce3C3ThpSocruBjJJY&_fw_h_referer=www.eonline.com&fw_gdpr=0&player=E%21+Online+Video+Player&policy=155289502&format=SMIL&tracking=true&formats=MPEG-DASH+widevine,M3U+appleHlsEncryption,M3U+none,MPEG-DASH+none,MPEG4,MP3&vpaid=script&schema=2.0&sdk=PDK+6.4.9
Domain
eonlinetc-vh.akamaihd.net
URL
https://eonlinetc-vh.akamaihd.net/i/transcoded/complete/343714/wochit_20220822_jenner_343714_,30,40,20,12,8,4,3,00000.mp4.csmil/segment1_6_av.ts?null=0&_alid_=MsnmywblCMpmXn5kAasR1Q==

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| mpscall object| mpsopts object| mps object| head object| mpsload object| dataLayer object| nSdkInstance object| nielsenMetadata object| NOLBUNDLE function| OptanonWrapper object| __APOLLO_STATE__ object| __PAGE_DATA__ object| __LOADABLE_LOADED_CHUNKS__ object| OneTrustTCFStub function| __tcfapi object| debugmode object| googletag object| gpt string| mpsinstance function| mpsCallback object| cats string| lastcat object| pbjs object| _mpshead object| _mpsstyles number| retval string| ret object| mpscall_original string| $dM string| sitepath object| sitepatharr string| cleanpath object| derived function| mpsGetAd string| mpsrequesturl object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| _sf_async_config object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| SENTRY_RELEASE object| __SENTRY__ function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| _cb_shared function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| s function| getNewRepeat function| getTimeParting function| getResponsiveLayout function| getVisitDuration function| getVisitNum function| endOfDatePeriod function| cleanStr boolean| __qsparam function| htmlParser function| postscribe string| __nbcudigitaladops_dtparams object| __nbcudigitaladops_inject object| __nbcudigitaladops object| __nbcudigitaladops_header number| randomOrd string| eTandomAd string| OptanonActiveGroups string| debugmsg string| warnmsg number| queuelen object| ggeac object| google_tag_data object| google_js_reporting_queue string| OnetrustActiveGroups object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| headertag object| Criteo function| headertag_render function| jsonFeed function| cookieWrite function| cookieRead string| g undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 undefined| google_measure_js_timing object| MoatNadoAllJsonpRequest_85480780 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| _cbm undefined| __nbcudigitaladops_gptparams object| google_image_requests string| avk object| __core-js_shared__ object| Sailthru function| hj object| _hjSettings object| s_i_comcastegeonlineglobaldev object| otStubData object| criteo_pubtag object| criteo_pubtag_128 object| Criteo_128 function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| OneTrustStub object| __otccpaooLocation object| adsbygoogle object| $pdk object| js object| tpController object| otIabModule object| Optanon object| OneTrust object| criteo_syncframe_state

58 Cookies

Domain/Path Name / Value
mps.nbcuni.com/fetch/ext Name: adEdition
Value: DE
mps.nbcuni.com/fetch/ext Name: geoEdition
Value: de
app2.cision.com/ Name: JSESSIONID
Value: D27115BFD82D27D34A6DC39A009D1108
.cision.com/ Name: __cf_bm
Value: VrZMr4j8PSI2lAotkFEDnLJUO_IrNQCEgyk77K7dsXE-1662400492-0-AUrwN88QeA1P4ao0asNRK7CCUkdS0UksbCkPanr8BB+z3dGD8xoYEzOiOg6aHHX2oK6zpFfU+inJd8HIRdWwMOE=
.eonline.com/ Name: geoEdition
Value: de
.eonline.com/ Name: adEdition
Value: de
.eonline.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 62320289127808541581693469639902101924
.eonline.com/ Name: AMCVS_B3ABA272551949410A4C98A2%40AdobeOrg
Value: 1
.eonline.com/ Name: AMCV_B3ABA272551949410A4C98A2%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19241%7CMCMID%7C68069423429109011252273166701795654063%7CMCAAMLH-1663005293%7C6%7CMCAAMB-1663005293%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662407693s%7CNONE%7CvVersion%7C5.2.0
.eonline.com/ Name: ssuid
Value: gytce3C3ThpSocruBjJJY
.eonline.com/ Name: _uid
Value: gytce3C3ThpSocruBjJJY
.eonline.com/ Name: s_plt
Value: 1.52
.eonline.com/ Name: s_pltp
Value: undefined
www.eonline.com/ Name: adops_master_kvs
Value:
.eonline.com/ Name: _cb
Value: IqoDlDua06dBCGFpX
.eonline.com/ Name: _chartbeat2
Value: .1662400493310.1662400493310.1.Dl3T7LCs6G-wDco-KaiRAOXCU8dgX.1
.eonline.com/ Name: _cb_svref
Value: null
.eonline.com/ Name: mbox
Value: session#a2776d6cfb434de09ac76dde649f21ad#1662402354|PC#a2776d6cfb434de09ac76dde649f21ad.37_0#1725645294
.eonline.com/ Name: s_nr30
Value: 1662400493354-New
.eonline.com/ Name: s_gpv
Value: ca%3Aarticle-detail%3Anews%3Akylie-jenner-rsquo-s-response-to-when-she-feels-most-confident-will-warm-your-heart
ads.stickyadstv.com/ Name: uid-bp-2009
Value: 1
ads.stickyadstv.com/ Name: UID
Value: da96c8abfe2fcd128ba8227a8a7ddd
ads.stickyadstv.com/ Name: sessionId
Value: 4399c57add7fc5eb2f3dfd1068772f6f
.imrworldwide.com/ Name: IMRID
Value: d85aee10-2d43-11ed-a0a1-3f6c10bdeabd
www.eonline.com/ Name: sailthru_pageviews
Value: 1
.eonline.com/ Name: s_vncw
Value: 1662854399540%26vn%3D1
.eonline.com/ Name: s_ivc
Value: true
.eonline.com/ Name: s_cc
Value: true
.exelator.com/ Name: EE
Value: "9b05d15c715374857175640adf77166a"
www.eonline.com/ Name: usprivacy
Value: 1---
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEyycA0xdA02dzQ1NjcxMLU3NDc1MzEIDElzdzc0MwscXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAdEl%252BUWb6IhfXxUUpaQyLSopPBR9sTwUAUa4pWg%253D%253D"
.kargo.com/ Name: ktcid
Value: f382eacc-4750-0713-16bb-e45c27959547
.eonline.com/ Name: aam_tnt
Value: aam_segment%3D1900987
.eonline.com/ Name: aam_uuid
Value: 62320289127808541581693469639902101924
.eonline.com/ Name: _hjSessionUser_1762303
Value: eyJpZCI6IjExMmMxODA5LTNmMmYtNWJiZS05N2IwLWE0M2RmMGEwOWU3NyIsImNyZWF0ZWQiOjE2NjI0MDA0OTM2NDIsImV4aXN0aW5nIjpmYWxzZX0=
.eonline.com/ Name: _hjFirstSeen
Value: 1
www.eonline.com/ Name: _hjIncludedInSessionSample
Value: 0
.eonline.com/ Name: _hjSession_1762303
Value: eyJpZCI6IjFlODYwMWY4LWFmY2UtNGYyMS1hMTgxLTYyNWI2NTY5ZmRmYiIsImNyZWF0ZWQiOjE2NjI0MDA0OTM5MDUsImluU2FtcGxlIjpmYWxzZX0=
www.eonline.com/ Name: _hjIncludedInPageviewSample
Value: 1
.eonline.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.quantserve.com/ Name: d
Value: EM4BDAGDJ7mvYA
.quantserve.com/ Name: mc
Value: 631637ed-df39e-f2b36-1dd4d
.ads.stickyadstv.com/ Name: updated
Value: 1
.ads.stickyadstv.com/ Name: sessionId
Value: 4399c57add7fc5eb2f3dfd1068772f6f
.ads.stickyadstv.com/ Name: UID
Value: da96c8abfe2fcd128ba8227a8a7ddd
.ads.stickyadstv.com/ Name: uid-bp-2009
Value: 1
.fwmrm.net/ Name: _uid
Value: "l015a_7139955750289753352"
.doubleclick.net/ Name: IDE
Value: AHWqTUnXArRr8dihejwqhzP9_IkmIEt8ImcCmZ7I88aF76FikIkKAGCRlsatiSe_UR4
.dpm.demdex.net/ Name: dpm
Value: 62320289127808541581693469639902101924
.www.eonline.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Sep+05+2022+17%3A54%3A53+GMT%2B0000+(GMT)&version=6.12.0&hosts=&consentId=b422804f-f10c-4238-9b85-eee7952ac1e6&interactionCount=0&landingPath=https%3A%2F%2Fwww.eonline.com%2Fca%2Fnews%2F1343461%2Fkylie-jenners-response-to-when-she-feels-most-confident-will-warm-your-heart&groups=1%3A1%2Cdummy%3A1%2C8%3A0%2C6%3A0%2CSTACK8%3A0%2C4%3A0%2CSTACK16%3A0%2C7%3A0
www.eonline.com/ Name: sailthru_content
Value: 853ea81ab4307e2fdf266349f7db1a85
www.eonline.com/ Name: sailthru_visitor
Value: f4108b5c-864f-41bc-b6e1-e06c33a34255
.demdex.net/ Name: dextp
Value: 3-1-1662400493561|771-1-1662400493712|1175-1-1662400493881|796-1-1662400493993
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: l015a_7139955750289753352
.ads.stickyadstv.com/ Name: MRM_UID
Value: l015a_7139955750289753352
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l015a_7139955750289753352
ads.stickyadstv.com/ Name: MRM_UID
Value: l015a_7139955750289753352

4 Console Messages

Source Level URL
Text
security error URL: https://www.eonline.com/dist/js/articledetail.83d19581d14a81061b34.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://player.theplatform.com') does not match the recipient window's origin ('https://www.eonline.com').
security error URL: https://www.eonline.com/dist/js/articledetail.83d19581d14a81061b34.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://player.theplatform.com') does not match the recipient window's origin ('https://www.eonline.com').
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://in.hotjar.com/api/v2/client/sites/1762303/visit-data?sv=6
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
29773.v.fwmrm.net
2dwbpyqha9wzrlqgjtvbtrhe9ftar1662400494.nuid.imrworldwide.com
ads.stickyadstv.com
ak.sail-horizon.com
akns-images.eonline.com
api.rlcdn.com
api.sail-personalize.com
app2.cision.com
as-sec.casalemedia.com
assets.adobedtm.com
b8sik9eqloqwbfrbmmv9xkki4walz1662400494.nuid.imrworldwide.com
bidder.criteo.com
cdn-gl.imrworldwide.com
cdn.cookielaw.org
cm.g.doubleclick.net
comcastentertainmentgroup.hb.omtrdc.net
d28nxrgt4y7pn6.cloudfront.net
dmp.v.fwmrm.net
dpm.demdex.net
east.manifest.na.theplatform.com
eo.demdex.net
eonline.tt.omtrdc.net
eonlinetc-vh.akamaihd.net
eonlinevideos.akamaized.net
feed.theplatform.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
gp8o5ztgz1sxpyw37adjfdyxxljxn1662400493.nuid.imrworldwide.com
htlb.casalemedia.com
ib.adnxs.com
id.sv.rkdms.com
imasdk.googleapis.com
in.hotjar.com
js-sec.indexww.com
krk.kargo.com
link.theplatform.com
load77.exelator.com
loadm.exelator.com
mab.chartbeat.com
match.adsrvr.org
mb.moatads.com
mps.nbcuni.com
pagead2.googlesyndication.com
pdk.theplatform.com
ping.chartbeat.net
pixel.quantserve.com
player.theplatform.com
pmd205470tn-a.akamaihd.net
polyfill.io
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure-dcr.imrworldwide.com
secure-sdk.imrworldwide.com
securepubads.g.doubleclick.net
sofia.trustx.org
static.chartbeat.com
static.criteo.net
static.hotjar.com
swa.eonline.com
tlx.3lift.com
u12097671.ct.sendgrid.net
vars.hotjar.com
www.eonline.com
www.nbcudigitaladops.com
z.moatads.com
eonlinetc-vh.akamaihd.net
link.theplatform.com
player.theplatform.com
104.18.18.126
104.18.19.126
142.250.184.226
15.197.193.217
15.236.176.210
167.89.115.121
178.250.0.165
18.134.84.22
18.194.70.236
18.198.126.47
18.66.147.113
184.24.77.188
199.27.170.188
199.27.170.198
199.27.170.201
2.16.186.218
2.18.168.29
2.21.20.137
2.23.97.19
23.208.242.66
23.35.236.247
23.35.237.151
2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9
2600:1f18:6593:f602:4d5e:ab92:54cb:6c57
2600:9000:2057:7600:18:1fcd:351:7bc1
2600:9000:214f:7400:2:42d9:3100:93a1
2600:9000:223f:be00:1d:667e:2a40:93a1
2606:4700:4400::6812:2962
2606:4700::6810:9540
2606:4700::6812:5f3c
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a02:2638::3
2a02:26f0:10e::6860:5b78
2a02:26f0:ea:2a4::1e80
2a02:6ea0:c700::19
2a04:4e42:200::714
2a04:4e42:e00::282
3.248.125.227
34.120.133.55
34.207.38.202
34.234.134.156
35.211.168.6
37.252.172.123
52.18.181.114
52.18.219.233
52.208.60.7
52.215.255.196
52.29.207.110
52.31.4.32
54.235.52.143
65.9.66.34
96.16.134.100
99.83.154.140
99.86.1.160
99.86.4.101
99.86.4.2
99.86.4.22
02a8cd07f9b72905689074cfd8852c03cde76a58d1ae30939ee6c05f737d47e4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05852903b8547317e695747a1cf55edbb3779a1cac92a8f79a771daa67ad68f8
069bd9db400ab661fab8d09a3af72a2696d58d35259dc9116f81982f17573da8
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2
0a18fb8288409b59949384dba2d950cf9b8dd95b77f04c3851b33c5f35667976
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
0ec2c2239ca096648cc18d4cda3842ca3db7622cbd5a7ac178f54d43d69ab39f
10a3029565af3ac373213224681d56fad9e1600f5280f184953699abd54b1118
11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
17a72d2537dda12e0d4ae09cd36fe0c7f4e4a7707eb281643493777144c1c57f
18598019a57e76179b5f1f2a99031a527d5c7193c3a7ab343554f4185d7a9ea9
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8
1e164f9bb49be93bb19775c1f7a4ce46152463c4ec1ef738bc56479c1754b395
2a3553875545c42d7b44d945a4d1b90b71bd41b62da45ce6adf021aec6d71374
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3021dbc38c2dfd3da4cda6c72c24bc160cfc2ff37cb8acb9b2d16ba5da750274
363c2851d48b2d7062a82178a8f204fd22319cf777924ebe87b2f9ee1e6805e0
3770e5d86e165b98783763fa56cdc1644259ce75daa0561263b9613ca627108d
3ce44c403aeb19251dc26669bdb037eaca39296fd09af5758b867225f8c5d7f6
3ecf2c02cd15cef1f06a0da17591d8c69a20daea1431fe19961a2b94ebf10397
3f9b709b464b45f430224399af0b173e5f75fb223394b84c0bf34d9e9c56a5d2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4833546a9e174062c220f66082e35222e1a877ae9dfd2ac95d864a5838769746
4b18186788562a79dba8831a5675090e642d84fcfff1015705a5930a16a275dd
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
4ca35ab6756046c8b94ea3bde35009f35f981bbcb8fa3e8937c6dd956a36b3e1
5178686db7707415c14bc775aaee217d0a2eb716f4719e75dfd34aa59abc35bd
51ffb44c70721fd6063bb69e87bf7849b8bcfeeab08fe1a76b253cbba5c29b81
525740a1712bcee1babc58e1d53f2ebf1ad62a9a55e511cd5c21557085381f74
56bdfa4dcec9c4bce6bf00e2566c8c2013d9d5ef34e855d3469f1f675577e454
580f8e73da366db45f1f08b4b9ba56e3a6b540e6591f847f5ab9efe63afcb65e
5d4ce03723f1c442952bfc8cbf03426ff576bfd16d6d87da5cd83f111951a804
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
64e4de71a710bbb6b7bc79ec8e2bf2d9b3132e8330d29b6d50479eb95238e8d1
651f81f329d26befc82b25bdae5b27bb281e8227644fd985ff8bcf77ede4fd61
66ea8edb8663be45322c040cb3e46e5b32252daee0394c20a8816fecc29fdf1f
685ca148d764b719d48634f9702be09985a2d9c870ad71cfb1176e04805e1970
69b1fa3acbdba08be1044c245a8a008fcfc0f7565dc42174bb3ebd3a21844f80
6a28a4a86b30ef9591ce7be44ee96a527925f257de6ba6f8b6971c24f378bc77
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c116b2015427df74774e1f50bb67fbd1e75404843d39881003a9284f2bf3869
6c4e43e39ccd9b25eb552ca3dc0f2a9f5ad83f966cc85858ecb4454f7cd48a7d
6dadeb4436aae22cabbcbf6ef123236a9a266d1eb336ec2bdfe2527c636ad8fd
71b00f7328f1f074db7eb9c6aad679fd218d38a68d1e2b089328a8b51b99c18a
740c91d53d19d6530c4fdfd1053776f65e428b06de45616b723a4673c90b68d5
7425d2ace2513feef80d93716ca1ced6190ad4552fbe4e4fa1ecb491bbfdd3bb
782f268e77cfc3046cb40e35fdbb9904456f813a7847883a83a2221d8c37b776
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c13919d444c4492f8dc05ad884bf0801711d95c2797e57ac8cdb25f508ecf61
7d975c26b06ab0b2c7602f25a9bb3396f5105b93f593053555cf5a130063362a
805f848cb4ee132ad0f596478724282fc0a19b1c45d820f42b62137cf0799f0d
8228c5284b96616b8873d2985b9c7cf4f25e38c8e40237a01a7bb80c74ab114b
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
86abcf27cf5192ec6219333bfa420e42969d6c0ace395687dab2d3eaecdf1322
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8878f35ea7780d029103672c612f41b05b1bf3d0ff06bcd4256e808f878ed516
8c2ce69aee006d95b0bf1120931c0866506165bd8653814a8837617d6ef3601f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84
96b26c116949883363a4afdd6508b6896a05a9fc44e03a400413c89955e57450
97348af363e8f868241878e4e0f6e41f97c905b1b6518d0cc0bdb436c2c952eb
97ae0f599e5bc08fc0926bce21c4bf8427f78a4e80fb519c276aa5bc842195f5
97dde029fd4bcb2d54124814d94bcc8a3001f057e8002feb81cf506fd4265332
98a301d55f0cd69be8290754f071d4427e6f4c8e48d8d905a9a0fc18e897979a
9ae5c20f00c460da157d5b2862736a5950db1ec5297c4dbe590483394e1a828b
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3bbc289bf959e8e83fa74f6f922f827cf7cea8596e2d87800d258c7642d6ab5
a57471939eb8011f355e21c42ce18949216b999db54699dff426c7aff1459feb
a62fc33c242a2cac257115807b453a6267ecc07adf275f6f323065ee96531c9c
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
b661075ac52f02c3797623f6024f32bb61dedbdaf324bbdb3fc5d2957d87c569
b8604270f373497ce07708cc73163913f3e204ad0c655a7efe1baff345675c1a
bac7459ab7164cb65fa8fdac023d0a8e5ab40e21f52dc5c1f75b9efc8514ac01
bc06789c6cdf91976b1099dc7e99dcd456273c83a69556d79e749c4cfd3c9f5f
bcd84bdec4427d65b4388bc6bd79569e502275110da7ce5e9be26d3f64a79e89
be103e7cd3fbcc3964b55a59a948464f6357f089b29389855941c0c004c3755f
be8cbe512987770fc4cb5f8caf77683e9a274ae3c60987abecf91ad6f78fc869
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c4a993da871b23faa0b2873a1a6afcdc53c8ce36c27e18164a171509274d7b89
c8ae83b9cdb1225c5e8c939b27f2832231d7cfd6961826fa2dfad808a1393637
c8ee725acb9b5e7f9b47cfe186b2fd300241912e7b2bc0e725cca2018c4d5619
ca6542a2754ea63b527802781dc4872704ebadaec9599ab392bf54139e4c5d38
cb53c27269f9360734f3bfa8922fcc531387d85dba0a49a0946ff7ad2546b19c
cd4b37eda75a7c06de999ebc2634e31f017b49cd04e1a0b13677f1a749344ff9
cdce9e9f28278f68d8dcbc5e43c7ad4af3e8164d99346b1daee20ebc581af536
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb46bab8d22b2816338cee23d9c0d9c662a46b3ec088b1d21f0d3472dc34b6a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d105b0a793af6426ddf8c1ef8b26ae81d889617ef5f248a72e06b8c71d91e1c5
d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21
d39615c5c00bc78cdab70b1d18691035540ce4244e2f56bc9278e2637df1f707
d9298ad57b79ad1267dae11b3613ea779f763eebf484d84c21540b8ef4a99b6a
d98e3cc3bb3c63f05e3cf21aa2e94a7ac9336965139d954d2df250d125564d1b
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
de378dde2cb82d6ad4893e2d148b67133b50c51469fe14dfd9e4d515fb4d10f6
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
dfaa2f31100ea091dcf977cb8aa424f1f82b25eb28503c6618ef01f8af721a04
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e00caac038d69fd33d1e799dae6141d5faa7b0fd91063277ab4bc3e09e76607f
e0da565315a090d118f867bf7eccae0ecc9b7424b7434aee6e14ee5d4acd5bf5
e144b487e92a4ee84731bd96e63dfbcdcf42acbd7709ec5ec40fe923fa68d614
e20075cfb7ae72fc9a6ad53738afe082145da7586353c4a00b9bc73f3fdde166
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4025aa5c443d60ddab42e40387641ef8a954e3ec923e01abf1cfb2cdf778028
e46dd3fc7af479e4504f24fde2c0f30a7702dd09ad22ad3a6dd84839796292eb
e6d30ac453d4a6814c1dc805b634d9d715547665ffcf2ee982ecde4677970b20
e88bd0640adb21b0d98c9a04e3b08e0fedcdf1febef66a25728789743da1a690
e9096ec91479745771871edfe9afda337c1c2cee4705ee408d2cb3115c317f33
e98b57c5bd665b3b5388f51733430090ca6b5f498d9b58b765ac2fef40c1340b
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
ebcf9dfc5b5f032124c4bafe98cc21aae9dd8ad4a09a72af622ee3af595610f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02f4faf2063a112ddfcb5abb7c4af9568a1800dcea25a7d50e6b873422f3082
f37645bb0e7d979fb2b57db4fde083a4c42238a7a2ba4422fa27a5dc714b0255
f5e065e454d999272c81abc2c8a21e7446d9d9b98e43fb4b64e5877d53870f56
f68de314a12a3636ff9d3026c4f5274e44ee4dd8893be7b1f006175ef2f28781
f73694a959a015821cbb7eaffffa208c6812161c172f6642125de6ba832e6f89
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
fd30dbf0515ecc6cfc3e80640d3820bc2a2a5f84633ccbc740abf8d2931b58f1