live.hotnewsmm.xyz Open in urlscan Pro
2606:4700:e4::ac40:aa26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs#utm_campaign=midespo...
Effective URL:
https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Submission: On March 20 via manual (March 20th 2023, 2:23:41 pm UTC) from GB — Scanned from GB

Summary HTTP 274 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 28 domains to perform 274 HTTP transactions. The main IP is 2606:4700:e4::ac40:aa26, located in United States and belongs to CLOUDFLARENET, US. The main domain is live.hotnewsmm.xyz. The Cisco Umbrella rank of the primary domain is 368414.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2023. Valid for: 3 months.

This is the only time live.hotnewsmm.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:e4:... 2606:4700:e4::ac40:aa26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2490:600:1d:b722:f80:93a1	16509 (AMAZON-02) (AMAZON-02)
21	190.2.153.150 190.2.153.150	49981 (WORLDSTREAM) (WORLDSTREAM)
1	103.90.222.26 103.90.222.26	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1	103.39.92.67 103.39.92.67	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	169.150.247.37 169.150.247.37	60068 (CDN77 ^_^) (CDN77 ^_^)
42	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
25	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 3	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2607:f8b0:400... 2607:f8b0:4002:c09::78	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	2600:1f18:612... 2600:1f18:612b:4200:ce75:68a1:ce5b:da41	14618 (AMAZON-AES) (AMAZON-AES)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	18.185.209.202 18.185.209.202	16509 (AMAZON-02) (AMAZON-02)
4	23.2.211.147 23.2.211.147	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
3	185.180.223.225 185.180.223.225	49981 (WORLDSTREAM) (WORLDSTREAM)
3	44.194.148.77 44.194.148.77	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
274	43

23 2606:4700:e4::ac40:aa26 (United States)

ASN13335 (CLOUDFLARENET, US)

live.hotnewsmm.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2490:600:1d:b722:f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.images.express.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 190.2.153.150 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)

ad.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.90.222.26 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

images2.thanhnien.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.39.92.67 (Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

znews-photo.zingcdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-37.datapacket.com

cdn.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4002:c09::78 (Atlanta, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4200:ce75:68a1:ce5b:da41 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.209.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-209-202.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.2.211.147 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-211-147.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.180.223.225 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-225.hosted-by-worldstream.net

cdn.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.194.148.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-148-77.compute-1.amazonaws.com

ioms.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 936 trc.taboola.com — Cisco Umbrella Rank: 682 vidstat.taboola.com — Cisco Umbrella Rank: 2809 am-trc-events.taboola.com — Cisco Umbrella Rank: 15237 images.taboola.com — Cisco Umbrella Rank: 1840 imprammp.taboola.com — Cisco Umbrella Rank: 14005 am-match.taboola.com — Cisco Umbrella Rank: 13804 wf.taboola.com — Cisco Umbrella Rank: 2847 am-vid-events.taboola.com — Cisco Umbrella Rank: 13167 sync-t1.taboola.com — Cisco Umbrella Rank: 1298 vidstatb.taboola.com — Cisco Umbrella Rank: 4715 pips.taboola.com — Cisco Umbrella Rank: 1596 cds.taboola.com — Cisco Umbrella Rank: 1781 am-wf.taboola.com Failed	1 MB
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	670 KB
30	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 pubads.g.doubleclick.net — Cisco Umbrella Rank: 428	244 KB
24	vidverto.io ad.vidverto.io — Cisco Umbrella Rank: 38782 cdn.vidverto.io — Cisco Umbrella Rank: 61408	724 KB
23	hotnewsmm.xyz live.hotnewsmm.xyz — Cisco Umbrella Rank: 368414	460 KB
19	gstatic.com csi.gstatic.com www.gstatic.com fonts.gstatic.com	201 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 629 pix.eu.criteo.net — Cisco Umbrella Rank: 7820 csm.eu.criteo.net — Cisco Umbrella Rank: 8170	181 KB
8	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 444 fonts.googleapis.com — Cisco Umbrella Rank: 34	920 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	340 KB
6	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 526 token.rubiconproject.com — Cisco Umbrella Rank: 531	22 KB
6	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2388	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	258 KB
4	criteo.com gum.criteo.com — Cisco Umbrella Rank: 386 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12906 ads.eu.criteo.com — Cisco Umbrella Rank: 8089 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9155	44 KB
3	bfmio.com ioms.bfmio.com — Cisco Umbrella Rank: 11256	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	793 B
3	tremorhub.com 3 redirects taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3401	1 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5250	818 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 153	3 KB
3	express.co.uk cdn.images.express.co.uk — Cisco Umbrella Rank: 40133	217 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 285	146 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 272	17 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	464 B
1	unibotscdn.com cdn.unibotscdn.com — Cisco Umbrella Rank: 45026	61 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1806	2 KB
1	zingcdn.me znews-photo.zingcdn.me — Cisco Umbrella Rank: 66598
1	thanhnien.vn images2.thanhnien.vn — Cisco Umbrella Rank: 64850	820 KB
274	28

	Domain	Requested by
35	tpc.googlesyndication.com	googleads.g.doubleclick.net live.hotnewsmm.xyz tpc.googlesyndication.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net live.hotnewsmm.xyz imasdk.googleapis.com
23	live.hotnewsmm.xyz	live.hotnewsmm.xyz
22	images.taboola.com	live.hotnewsmm.xyz
21	ad.vidverto.io	live.hotnewsmm.xyz ad.vidverto.io imasdk.googleapis.com
11	pagead2.googlesyndication.com	live.hotnewsmm.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	cdn.taboola.com	live.hotnewsmm.xyz cdn.taboola.com
9	static.criteo.net	ads.eu.criteo.com
9	fonts.gstatic.com	fonts.googleapis.com ad.vidverto.io
7	am-trc-events.taboola.com	live.hotnewsmm.xyz
7	www.googletagservices.com	googleads.g.doubleclick.net
7	pubads.g.doubleclick.net	imasdk.googleapis.com
7	csi.gstatic.com	imasdk.googleapis.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	imasdk.googleapis.com	ad.vidverto.io imasdk.googleapis.com
5	www.googletagmanager.com	live.hotnewsmm.xyz www.googletagmanager.com ad.vidverto.io
4	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	ioms.bfmio.com	vidstat.taboola.com
3	cdn.vidverto.io	live.hotnewsmm.xyz
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
3	taboola-supply-partners.tremorhub.com	3 redirects
3	am-vid-events.taboola.com	live.hotnewsmm.xyz vidstat.taboola.com
3	www.google.com	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
3	adservice.google.co.uk	pagead2.googlesyndication.com imasdk.googleapis.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com live.hotnewsmm.xyz
3	cdn.images.express.co.uk	live.hotnewsmm.xyz
2	token.rubiconproject.com	eus.rubiconproject.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	trc.taboola.com	cdn.taboola.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	vidstatb.taboola.com	live.hotnewsmm.xyz
1	x.bidswitch.net	imprammp.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	pix.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	gum.criteo.com	cdn.taboola.com
1	s0.2mdn.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.unibotscdn.com	live.hotnewsmm.xyz
1	secure.gravatar.com	live.hotnewsmm.xyz
1	znews-photo.zingcdn.me	live.hotnewsmm.xyz
1	images2.thanhnien.vn	live.hotnewsmm.xyz
0	am-wf.taboola.com Failed	vidstat.taboola.com
274	55

This site contains links to these domains. Also see Links.

Domain
vidverto.io
www.volvocars.com
popup.taboola.com
2sdt3kdic3.execute-api.eu-central-1.amazonaws.com
trc.taboola.com
cabinet.esmeralda-psychic.com
gosearches.net
newnutritionsecrets.com
go.hotnewsmm.xyz
sports.hotnewsmm.xyz

Subject Issuer	Validity	Valid
*.hotnewsmm.xyz GTS CA 1P5	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
cdn.images.express.co.uk Amazon RSA 2048 M01	`2023-02-21` - `2023-10-14`	8 months	crt.sh
ad.vidverto.io R3	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.thanhnien.vn AlphaSSL CA - SHA256 - G2	`2022-07-20` - `2023-08-21`	a year	crt.sh
*.zingcdn.me RapidSSL TLS RSA CA G1	`2023-03-17` - `2024-03-21`	a year	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
cdn.unibotscdn.com R3	`2023-03-08` - `2023-06-06`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-18` - `2023-05-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
cdn.vidverto.io R3	`2023-01-26` - `2023-04-26`	3 months	crt.sh
*.bfmio.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Frame ID: BC641B03ABDD5D450C171F456DF863AF
Requests: 133 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: 9FCEA116E90670C86B524F8BB25A24C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&adk=1812271804&adf=3025194257&lmt=1679322212&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211761&bpp=4&bdt=344&idt=362&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3143030458980&frm=20&pv=2&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=395
Frame ID: C5C519CE2CAD9885BC95D2CE00790707
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407
Frame ID: E2BD1FC061DAA7FF6B0C5211516E33AE
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2878163114&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211768&bpp=1&bdt=351&idt=442&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ov5AYzjtZS&p=https%3A//live.hotnewsmm.xyz&dtd=448
Frame ID: A9F024E3D5BB395076C5FA4B3742D927
Requests: 14 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Frame ID: D89F1404E9C625B118EABFB51B688198
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3673390029&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211769&bpp=1&bdt=352&idt=504&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mvOQLe1PIS&p=https%3A//live.hotnewsmm.xyz&dtd=507
Frame ID: 6BC882FAF271312BF9505DA678163D09
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535
Frame ID: 1D318FD76BF2003FF8BF190F6BCA1DAE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556
Frame ID: CEDFB2FB4A33EC4624B7B065A6E962BA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569
Frame ID: 460101E9F244179B84EB0298905B454A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=600&slotname=4969152155&adk=4189332658&adf=1502878857&pi=t.ma~as.4969152155&w=260&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=260x600&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211778&bpp=1&bdt=361&idt=624&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&fsb=1&xpc=PwEDiN2LNg&p=https%3A//live.hotnewsmm.xyz&dtd=628
Frame ID: 15C24ACD7EC3CD46DC0B5E9B66991D23
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBhsZAAFD5AIFWATAA7T1W-rwPL_LrpYBTHHlA&u=%7CgcYhTbAqFn5ztt%2BiaW0RWZUmkkhVQ0xqdQBbHiXlFQw%3D%7C&c1=jWCgqsKSUoVBn20AqVVxCoPRAm90aLzgrVfB2QwD7M7-VvQP7hbx63Ayr2R8qzA_xZLqQBP3g92w3knXhe9dhIszxviH2kvtsfp6VPu5YRoDqxSq5-AbidLshSDf8EZe1FiErS6Ra1Znrx1KZPGfU1aOyNlSetLqTNIEwL58MpSjvuC-cb2fB4-ujtVOmPLoSj_9v5-67-pNJAs4bBTJBXXqKyN3hEINJrsr2t5pXkrQ6wJcHs2-aeT8sTzxdmtYnwQOkaQ2ErolraISRGbZLYGohfBTtPhuDZ_clXNGhiXFIBbbxkvBj6grHDTZnP3sw1fX3XmnjCk30ct8Bt3aV3l7zGcImsHBGYt9pbDzapvSZ3Cw85N0xw8wrI3S2CsZMfhgBMH5UpJNAalQNaOfAl-jMmDNK6dRT_XuFgFc-r65XVe0ukFqEp4hy6c18fJmCjZoZNlrtG3VlWaeW9g3ddvAMr3fnngpuy9FOAY3Eb2AyotFnpWsa4kyJ6ze7WQhmneDavGo7qwUs7Xi0hFBroZA5VjT5aBQfeBdJGtiOwkPXffIJLSz9mTeZpJszz3NYw1uxNm_jtpQwA83jwyjm-TieGL11Ifx-SUWMX6mnKk8S5wP-ev1urXMFUWtaDvSjwVmWJvwCZ8c234myjjhAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzwJFZGwYZJCfFJPA1fAP1ae7kALkj9KxXP_Q2ZGIAcCNtwEQASAAYKECggEXY2EtcHViLTMwNzM5ODU3MjMwODc2OTXIAQmpAk1vhCkrdLQ-qAMBqgTNAU_Qz7SVCSWAsTxp7gMZB6XjCoNAzdY7KoNAzuQ1_JA_cIQUa8weSYc8n5HcAufY7oL2p4wDEVwuWKdkihBhJAwju10IRNRQPM-Ilnr-JyYJ_XG3vzRwVk8rqx-_BkHWbGxEnJGWSz1El73SubuyLZMocDyd9odAyBtkCft6zDSMGuLkPpnLksFPHZ7kSkIMU0ZAIKYzA77cONPCYaehc8jbhVVZ3TQh7S-er5zK7Y_z6hD1q6bWJkeHJVSXzjSI6EcfyTruNljAOkyxpEyABvyQiqDrgKSC-gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13oFVONtpaoXd7Sn13Y-Lh4bVdhQ%26client%3Dca-pub-3073985723087695%26adurl%3D
Frame ID: 863B11B7CE08596B8406DEC22F1D991A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EFAAE43B8B61A78426507A59AC243005
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Frame ID: 2592783E89053334D3E12AE9D8C56D1B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Frame ID: 6B0DBD67998217856D80A1745BF1CFF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2326FE1209FE22772647EB639E01B73D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17171710418869759677/index.html
Frame ID: 01BB6C805250CF9694509C637599E0DB
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cay6QZGwYZIX4F6eI1fAPhPWasALe-6_hbrD39Z-0EdvZHhABIJHPtSFgu4aAgNAKoAHo8_ecA8gBCakCovHNzpuBtD6oAwHIA0iqBNMBT9CRWKWvAn7pTDHOp6u7w_EW5EC4S6M3KEC-9uS2zttGOWbBwjsepg9j8Is-f0Au9NuWw1-wM5_2LNTtaMSkiWHzpiwH5BcqFic7hS5eqTPqc-89n7FklbjtcSq0KH8aRRbRyawqpCogKAxZxcBEgcxZ5dx2Ef92DqIBL39PYgZDGkKhi3YTeMoR-86fG4dKunnK8r4G3wgIzK2pQCPtuQ9t-cawroikIFBddY-yEFYGUkn5xGZprn6-qJlPRv9DbJOEhxB-BDmC6ww6S4x3Nhfd8sAE-fmR7_EDkgUECAQYAZIFBAgFGASgBi6AB4CMiGOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDY5wTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMDczOTg1NzIzMDg3Njk1GAA&sigh=kui0z3G7zvk&uach_m=[UACH]&cid=CAQSSwDUE5ym2Nd83t0eY33r1f-J_XMu41HV9KqthFr0rQl646-NLX6cA1sFuF89eR0fao-WRiheUh5QOFTECNRESKM9oSAR_kroSVsxXxgB&template_id=419
Frame ID: 01DA6C72824D3AA27B0EC8B730F466F9
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Frame ID: ADFCDE80C6EA36976748DA20DFF4E80B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Frame ID: 6114C7C71BF2AC0226BE313B77668515
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 66EA35ADDEDD60D55EAE01E4D0A42BBC
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&cmcv=&pix=undefined&cb=1679322213889&uv=3262&tms=1679322213889&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=f6b1af92-14ef-49b6-b592-7c8e73ec0ff0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 69C682F86DB61C372FA226DBE5B04DC0
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 14AC3B26512DB5E13E8D405886FAF101
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Frame ID: 08BAFE1A63B19056D1E10AE3F640284C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 8497EFAB3A6658259CDE0F0365E4EF1A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Frame ID: DD44CAA75ACD962DF6DFE669BB4B5D6E
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 637F454AAF603F2358504A7A307B75B9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: A927D54F2673AD784206FED1B03177BB
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Frame ID: 086D8733486A36368C28CAD31B41D752
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Man Utd star Alejandro Garnacho hastily deletes vape from picture during Fulham clashGroup 3Group 3Group 3Group 3

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

274
Requests

98 %
HTTPS

64 %
IPv6

28
Domains

55
Subdomains

43
IPs

6
Countries

6624 kB
Transfer

14575 kB
Size

18
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://vidverto.io/

Search URL Search Domain Scan URL

URL: https://www.volvocars.com/uk/car-finance/subscription/?utm_source=taboola&utm_medium=native&utm_campaign=taboola_uk_cbv_ao_prospecting_native_open&utm_content=cbv_uk_d2c_ao_my24-sub_ex90_bev_mar2023&tblci=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDo608o6v_p6Oah0diTAQ#tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDo608o6v_p6Oah0diTAQ
Title: Care by Volvo

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=xaluanau-hotnews&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://2sdt3kdic3.execute-api.eu-central-1.amazonaws.com/default/clickserver?net=taboola&pub=xaluanau-hotnews&adtitle=Senior+Apartments+Coming+to+Blairgowrie&clickID=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD-yVkozabzzOLCweYr&campaignID=19310179&pubID=1511242&adID=3435607570&ts=2023-03-20+14%3A23%3A33&cpc=UCgXfHddVTdlUh63l000hmP5BmhsmKnzGTwl9UeyWBo=#tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD-yVkozabzzOLCweYr
Title: Senior Living | Search Ads

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=xaluanau-hotnews&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/xaluanau-hotnews/log/3/click?pi=%2F213581&ri=f5dd5c5155787e9e2e6de5792f2bb322&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&it=text&ii=~~V1~~3461219626876532047~~OS0zkiBXqSirwwAXSLoYYkEezAzRntgmywtWv9rqDUH6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xIlIjUl4ziqjQC_tjz2Wqf6MLHjyq9rdl2zzuvv8dzckDeF_Cx8vhyFnWnNa1HWPsjTLdaHSZjOo8q_9sDiImxq-7VkODyVu589y2027397e1_ohrRRL2n_Mr0aylFgMUlw&pt=text&li=rbox-t2v&sig=8ce8b1cda329a6da9d2d1075d0f09ae6fa0464d08948&redir=https%3A%2F%2F2sdt3kdic3.execute-api.eu-central-1.amazonaws.com%2Fdefault%2Fclickserver%3Fnet%3Dtaboola%26pub%3Dxaluanau-hotnews%26adtitle%3DSenior%2BApartments%2BComing%2Bto%2BBlairgowrie%26clickID%3DGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD-yVkozabzzOLCweYr%26campaignID%3D19310179%26pubID%3D1511242%26adID%3D3435607570%26ts%3D2023-03-20%2B14%253A23%253A33%26cpc%3DUCgXfHddVTdlUh63l000hmP5BmhsmKnzGTwl9UeyWBo%3D%23tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD-yVkozabzzOLCweYr&vi=1679322212781&p=avnitbelkindltd-seniorliving1-sc&r=84&lti=deflated&ppb=COcE&cpb=EhIyMDIzMDMyMC03LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5NDiAiKvMDUCn8g1Iso0QUJik2ANY____________AWMI0DcQikoYMGRjCIo5EIFMGDJkYwjXFhDVHxgjZGMI0zMQ0EQYNmRjCNIDEOAGGAhkYwiWFBCdHBgYZGMI6ioQnTkYCWRjCPY6EJZOGDlkYwjePhD9UhgdZGMIpCcQgzUYL2RjCOH__________wEQ4f__________ARgfZHgBgAECiAH1_KPoAZABHJgB1dOd--8w&cta=true
Title: Search Now

Search URL Search Domain Scan URL

URL: https://www.volvocars.com/uk/car-finance/subscription/?utm_source=taboola&utm_medium=native&utm_campaign=taboola_uk_cbv_ao_prospecting_native_open&utm_content=cbv_uk_d2c_ao_sub-my24_xc60_phev_dec2022&tblci=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDo608onb7yu4uyz9xs#tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDo608onb7yu4uyz9xs
Title: Care by Volvo

Search URL Search Domain Scan URL

URL: https://cabinet.esmeralda-psychic.com/offer42/a?utm_source=Taboola&utm_medium=cpc&utm_campaign=Esmeralda-UKEN-TA-XX-XX-PC-Discovery-BL-Discovery+14%2F03%2F2023&utm_content=3672682762&campaignid=23976746&placement=xaluanau-hotnews&placementid=1511242&dv=Desktop&lc=XX&cc=XX&ar=XXXX&gd=X&ta_click_id=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDLokkoueXAhNbsmPEv&ta_thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fba59f4920f00135756565cf864e7ebe4.jpg&ta_title=Horoscope%3A+So+Accurate+That+It+Will+Give+You+Goosebumps%21&ta_ad=3672682762#tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDLokkoueXAhNbsmPEv
Title: Psychic Esmeralda

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/xaluanau-hotnews/log/3/click?pi=%2F213581&ri=d351dc589d23a2b414e277ab97381787&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&it=text&ii=~~V1~~8650978622057141656~~I1erie2OoaRLxdyvbnSdGPO7eoQQGJI2G9ll6z77VoP6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdMR_Dxo0Ohv2jfT0MsmUNRz9un8HUUzTzP2yB4DQSXau9KdR8VNtM552-tvRTMJtPE6azPABNYXRtDOuhwI_PQb9NphKCUNRAUEuLf4MSKW5cRLssctxrzV-Ng9DrYreChkUYOwjBUecrbAVOzO2St6eJY_BaQArL3Z7LcKAMfSYdzcz3D_IbgJYm8c7Bb7DPSSSny_xmUoOdWSNYxewcHs&pt=text&li=rbox-t2v&sig=86b6fd61d1e9dfc43205856a2c65113791f93f402a4b&redir=https%3A%2F%2Fcabinet.esmeralda-psychic.com%2Foffer42%2Fa%3Futm_source%3DTaboola%26utm_medium%3Dcpc%26utm_campaign%3DEsmeralda-UKEN-TA-XX-XX-PC-Discovery-BL-Discovery%2B14%252F03%252F2023%26utm_content%3D3672682762%26campaignid%3D23976746%26placement%3Dxaluanau-hotnews%26placementid%3D1511242%26dv%3DDesktop%26lc%3DXX%26cc%3DXX%26ar%3DXXXX%26gd%3DX%26ta_click_id%3DGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDLokkoueXAhNbsmPEv%26ta_thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fba59f4920f00135756565cf864e7ebe4.jpg%26ta_title%3DHoroscope%253A%2BSo%2BAccurate%2BThat%2BIt%2BWill%2BGive%2BYou%2BGoosebumps%2521%26ta_ad%3D3672682762%23tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDLokkoueXAhNbsmPEv&vi=1679322212781&p=nlwesmeralda-sc&r=49&lti=deflated&ppb=CMgD&cpb=EhIyMDIzMDMyMC03LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5NDiAiKvMDUCn8g1Iso0QUJik2ANY____________AWMI0DcQikoYMGRjCIo5EIFMGDJkYwjXFhDVHxgjZGMI0zMQ0EQYNmRjCNIDEOAGGAhkYwiWFBCdHBgYZGMI6ioQnTkYCWRjCPY6EJZOGDlkYwjePhD9UhgdZGMIpCcQgzUYL2RjCOH__________wEQ4f__________ARgfZHgBgAECiAH1_KPoAZABHJgB1dOd--8w&cta=true
Title: Read More

Search URL Search Domain Scan URL

URL: https://gosearches.net/index.php?rgid=415424&gclid=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSCjoVIo8tGovdOa1L7dAQ#tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSCjoVIo8tGovdOa1L7dAQ
Title: Cruises | Search Ads

Search URL Search Domain Scan URL

URL: https://newnutritionsecrets.com/worst-year-pp/?utm_source=aloobat&utm_medium=referral&c=22944063&p=1511242&a=3662426795&cc9=6BEqle4idQg-MB5fG482aXFumV6lzuvnJ9QKhxc96EY=&tabclick-cp=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD5x1wov7DT9ZnEgaor&tblci=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD5x1wov7DT9ZnEgaor#tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD5x1wov7DT9ZnEgaor
Title: Nutritional Sciences Ltd

Search URL Search Domain Scan URL

URL: https://go.hotnewsmm.xyz/152886

Search URL Search Domain Scan URL

URL: https://www.volvocars.com/uk/car-finance/subscription/?utm_source=taboola&utm_medium=native&utm_campaign=taboola_uk_cbv_ao_prospecting_native_open&utm_content=cbv_uk_d2c_ao_my24-sub_ex90_bev_mar2023&tblci=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDo608o14S-0dbw5OnhAQ#tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDo608o14S-0dbw5OnhAQ
Title: Care by Volvo

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=xaluanau-hotnews&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://cabinet.esmeralda-psychic.com/offer42/a?utm_source=Taboola&utm_medium=cpc&utm_campaign=Esmeralda-UKEN-TA-XX-XX-PC-Discovery-BL-Discovery+14%2F03%2F2023&utm_content=3672682762&campaignid=23976746&placement=xaluanau-hotnews&placementid=1511242&dv=Desktop&lc=XX&cc=XX&ar=XXXX&gd=X&ta_click_id=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDLokkolI-XnbSf89gg&ta_thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fba59f4920f00135756565cf864e7ebe4.jpg&ta_title=Horoscope%3A+So+Accurate+That+It+Will+Give+You+Goosebumps%21&ta_ad=3672682762#tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDLokkolI-XnbSf89gg
Title: Psychic Esmeralda

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/xaluanau-hotnews/log/3/click?pi=%2F213581&ri=524c69aff30b97110fd9beab8a9e7746&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&it=text&ii=~~V1~~8650978622057141656~~IFoSHFnk_vgg5778P8-r4PO7eoQQGJI2G9ll6z77VoP6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdMR_Dxo0Ohv2jfT0MsmUNRz9un8HUUzTzP2yB4DQSXau9KdR8VNtM552-tvRTMJtPE6azPABNYXRtDOuhwI_PQbajIrF31ve9kp6k1lqQHLmtCLvDwR3NFIfQtDDMHmxexkUYOwjBUecrbAVOzO2St6eJY_BaQArL3Z7LcKAMfSYdzcz3D_IbgJYm8c7Bb7DPSSSny_xmUoOdWSNYxewcHs&pt=text&li=rbox-t2v&sig=a2d2476ca4bcecb2eed4c34686f13fbcd3c80ad71fde&redir=https%3A%2F%2Fcabinet.esmeralda-psychic.com%2Foffer42%2Fa%3Futm_source%3DTaboola%26utm_medium%3Dcpc%26utm_campaign%3DEsmeralda-UKEN-TA-XX-XX-PC-Discovery-BL-Discovery%2B14%252F03%252F2023%26utm_content%3D3672682762%26campaignid%3D23976746%26placement%3Dxaluanau-hotnews%26placementid%3D1511242%26dv%3DDesktop%26lc%3DXX%26cc%3DXX%26ar%3DXXXX%26gd%3DX%26ta_click_id%3DGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDLokkolI-XnbSf89gg%26ta_thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fba59f4920f00135756565cf864e7ebe4.jpg%26ta_title%3DHoroscope%253A%2BSo%2BAccurate%2BThat%2BIt%2BWill%2BGive%2BYou%2BGoosebumps%2521%26ta_ad%3D3672682762%23tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDLokkolI-XnbSf89gg&vi=1679322212781&p=nlwesmeralda-sc&r=88&lti=deflated&ppb=COgC&cpb=EhIyMDIzMDMyMC03LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5NDiAiKvMDUCn8g1Iso0QUJik2ANY____________AWMI0DcQikoYMGRjCIo5EIFMGDJkYwjXFhDVHxgjZGMI0zMQ0EQYNmRjCNIDEOAGGAhkYwiWFBCdHBgYZGMI6ioQnTkYCWRjCPY6EJZOGDlkYwjePhD9UhgdZGMIpCcQgzUYL2RjCOH__________wEQ4f__________ARgfZHgBgAECiAH1_KPoAZABHJgB1dOd--8w&cta=true
Title: Read More

Search URL Search Domain Scan URL

URL: https://sports.hotnewsmm.xyz/coach-ten-hag-accused-ronaldo-of-slandering-behind-his-back-to-leave-man-utd

Search URL Search Domain Scan URL

URL: https://2sdt3kdic3.execute-api.eu-central-1.amazonaws.com/default/clickserver?net=taboola&pub=xaluanau-hotnews&adtitle=Senior+Apartments+Coming+to+Blairgowrie&clickID=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD-yVkoz5jhy-f7tNsF&campaignID=19310179&pubID=1511242&adID=3435607570&ts=2023-03-20+14%3A23%3A33&cpc=feH0bG4CAz6JlDjsZtM04ZGmTXTawKxy2o-t2hBZFaE=#tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD-yVkoz5jhy-f7tNsF
Title: Senior Living | Search Ads

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=xaluanau-hotnews&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/xaluanau-hotnews/log/3/click?pi=%2F213581&ri=05042df1e8700037f8b91a9747d7874c&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&it=text&ii=~~V1~~3461219626876532047~~N2Rpd4QpqfDDG9N7lgk5akEezAzRntgmywtWv9rqDUH6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xIn9EwKzmnt7wbyn_hKAufmqLHjyq9rdl2zzuvv8dzckDeF_Cx8vhyFnWnNa1HWPsjTLdaHSZjOo8q_9sDiImxq-7VkODyVu589y2027397e1_ohrRRL2n_Mr0aylFgMUlw&pt=text&li=rbox-t2v&sig=f09290869baae60f41950205aa90e813260ba49aefa8&redir=https%3A%2F%2F2sdt3kdic3.execute-api.eu-central-1.amazonaws.com%2Fdefault%2Fclickserver%3Fnet%3Dtaboola%26pub%3Dxaluanau-hotnews%26adtitle%3DSenior%2BApartments%2BComing%2Bto%2BBlairgowrie%26clickID%3DGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD-yVkoz5jhy-f7tNsF%26campaignID%3D19310179%26pubID%3D1511242%26adID%3D3435607570%26ts%3D2023-03-20%2B14%253A23%253A33%26cpc%3DfeH0bG4CAz6JlDjsZtM04ZGmTXTawKxy2o-t2hBZFaE%3D%23tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSD-yVkoz5jhy-f7tNsF&vi=1679322212781&p=avnitbelkindltd-seniorliving1-sc&r=77&lti=deflated&ppb=CLsC&cpb=EhIyMDIzMDMyMC03LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5NDiAiKvMDUCn8g1Iso0QUJik2ANY____________AWMI0DcQikoYMGRjCIo5EIFMGDJkYwjXFhDVHxgjZGMI0zMQ0EQYNmRjCNIDEOAGGAhkYwiWFBCdHBgYZGMI6ioQnTkYCWRjCPY6EJZOGDlkYwjePhD9UhgdZGMIpCcQgzUYL2RjCOH__________wEQ4f__________ARgfZHgBgAECiAH1_KPoAZABHJgB1dOd--8w&cta=true
Title: Search Now

Search URL Search Domain Scan URL

URL: https://www.volvocars.com/uk/car-finance/subscription/?utm_source=taboola&utm_medium=native&utm_campaign=taboola_uk_cbv_ao_prospecting_native_open&utm_content=cbv_uk_d2c_ao_sub-my24_xc60_phev_dec2022&tblci=GiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDo608oqcLH5sz50dd8#tblciGiCyKUpkCawSPwMB7SDefhIphou0Xajyq5v4bvUdy2uFcSDo608oqcLH5sz50dd8
Title: Care by Volvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679322212326&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&c8=Man%20Utd%20star%20Alejandro%20Garnacho%20hastily%20deletes%20vape%20from%20picture%20during%20Fulham%20clash&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679322212326&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&c8=Man%20Utd%20star%20Alejandro%20Garnacho%20hastily%20deletes%20vape%20from%20picture%20during%20Fulham%20clash&c9=

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 201

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 226

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 230

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0d3a588aef7a462f9ae57dbaa5d303bd&orig=video

Request Chain 235

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=9a88386a803946e1b24b88dffdbdcdbf&orig=video

Request Chain 270

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0d3a588aef7a462f9ae57dbaa5d303bd&orig=video

274 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 213581 Show response
live.hotnewsmm.xyz/ 147 KB
45 KB 857ms
767ms Document
text/html 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

18a037a68910e62b5dbe331182e2c6b88b3d0ca8cf8074b1a93a7460cae479f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7aae9d08a9ab06b2-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 Mar 2023 14:23:31 GMT
link: <https://live.hotnewsmm.xyz/wp-json/>; rel="https://api.w.org/", <https://live.hotnewsmm.xyz/wp-json/wp/v2/posts/213581>; rel="alternate"; type="application/json", <https://live.hotnewsmm.xyz/?p=213581>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0M5pxqdmmgX0yM6GQt%2BtApW9nbUu3vpT67MRZQuSLIxJLTur3l1TtQcdVDUlXucQjzy6dnhdwinH2m6QqHy1Mp08pO9gTsAXlh2IJzPA5yoNO7E%2Fbj6ku2XI0jM7It7fEzwv64T4S9LPdY64w6fJ14%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding, Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: DLEMP
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
live.hotnewsmm.xyz/wp-includes/css/dist/block-library/ 93 KB
13 KB 45ms
43ms Stylesheet
text/css 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2441135
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 09:35:00 GMT
server: cloudflare
etag: W/"638f0cc4-172a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcFztSKcufIAr%2BNaCTMuwFM5gf%2BObhy%2FfKs7yz3gxMVYgOeFqXfTMJW0pTBbkClyyukkq%2FL6Zm3ATYVaUIztKIw6UShfKPICqlAzmCmTXBH%2Bi4TT2AlxN9B0fRAsVePvDkpFtdnxuKiNFYWd9aR9V9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0d7e0a06b2-LHR
expires: Wed, 22 Mar 2023 08:17:55 GMT

GET
H2 200 classic-themes.min.css
live.hotnewsmm.xyz/wp-includes/css/ 217 B
478 B 44ms
42ms Stylesheet
text/css 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1815975
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 09:35:00 GMT
server: cloudflare
etag: W/"638f0cc4-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1crxDrJdcza9gePS2mFA8r08VX6m54ozIkmiORByKusiIm8ASIF5ulnLKzxbUcWPEGVnS6AGTOiRBe%2BJa1q7n37VSpOyDtLLYIu6%2B1%2FEFQvP66bEWR1xAaet1Y3M4A6qMtLjMSoKz8Q2za74jBR79U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0d7e0b06b2-LHR
expires: Wed, 29 Mar 2023 13:57:15 GMT

GET
H2 200 font-awesome.css
live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/css/ 35 KB
7 KB 41ms
40ms Stylesheet
text/css 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/css/font-awesome.css?ver=6.1.1
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1815975
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-8d64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bjf0WRh1h7RY9gm4YHMH2ajRvAzZG4Vx4I2SOouC01nJSsKd30DWR1NlqkMIdQ%2BEy8EJMuHuWjVy0GbcbJ2ttfC521rXuea4F%2FPVuMWxz%2BTxMuP5kod2VGA8DHnvn%2FL6XfRhK7U2BNcnWe8ZTULqCj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0d7e0c06b2-LHR
expires: Wed, 29 Mar 2023 13:57:15 GMT

GET
H2 200 genericons.css
live.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/ 154 B
524 B 39ms
37ms Stylesheet
text/css 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/genericons.css?ver=6.1.1
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1433588
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouxEOjLm6Wr%2BznjuN%2BieN5m2zQH2RvSWUMkEoVBTYd3nj9TQL2UutQS5Co94tVL9L0Qk3UE14E68NSM188K696QZZtfQBh2H9BUSyTr5MHIZhzq8xVwHp7Tz%2FY%2BfLfKF2yxRxtlKibfn8rIEwe1WyYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0d7e0d06b2-LHR
expires: Mon, 03 Apr 2023 00:10:23 GMT

GET
H2 200 style.css
live.hotnewsmm.xyz/wp-content/themes/blogmn/ 72 KB
15 KB 74ms
72ms Stylesheet
text/css 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/style.css?ver=20220617
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: d5d449964b98c3b2bb88a3531d59db3f9644c7ab1a1175349f50e6c8fbd9397d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2441136
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 02 Jan 2023 23:57:26 GMT
server: cloudflare
etag: W/"63b36f66-11f2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FiGgrJm%2BvN4BwX0zZP0x7jwE8bhoRKno5TfWpQR0hAUwx8MAzF4xFXY8pa9Pl6856gVuvaa3eLvtLrGv4G3nhyuEyrLySVd6585w%2F1qCpK0AEvMZfeuRYoL6jMX5TQiReQWN3j18HhNJFhqqy5VJ4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0d7e0e06b2-LHR
expires: Wed, 22 Mar 2023 08:17:55 GMT

GET
H2 200 responsive.css
live.hotnewsmm.xyz/wp-content/themes/blogmn/ 9 KB
2 KB 46ms
45ms Stylesheet
text/css 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/responsive.css?ver=20220617
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: b81e011e0e5932a62615b2b8140ffbba3c90c0200b4b89f4a7a5792aad991c20

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1052785
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-24c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0bq5kcwD2vKAZ6l6CMyZGBEO1IxxmGyPdMDgL7ejtdo8GACOFImf8bGssgtMVHvDXN3ZGomZ3ImI3li7zih9Fjl3jljaw2g62jdUIArfR7kOaovhfuFVjgSR048SOgTQrvPF4FkXNpkqVUtGS%2FcVOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0d7e0f06b2-LHR
expires: Fri, 07 Apr 2023 09:57:06 GMT

GET
H2 200 jquery.min.js Show response
live.hotnewsmm.xyz/wp-includes/js/jquery/ 88 KB
32 KB 47ms
46ms Script
application/javascript 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1433587
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 09:35:00 GMT
server: cloudflare
etag: W/"638f0cc4-15e54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaFSjvaFsRcIfJAnhMg81gSXTzyyARaHbiRYN08w7uOMlEhGCbqUuxkNh1P%2FxibGcymqZQbGKWfQndYdn8scw%2FJMVegHcfuj7u0mUftIq3ao0c%2BryG88tl8Xa7vPNy90oN2Yu4eKQ5l1MsjSBhVBhYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0d7e1006b2-LHR
expires: Mon, 03 Apr 2023 00:10:23 GMT

GET
H2 200 jquery-migrate.min.js Show response
live.hotnewsmm.xyz/wp-includes/js/jquery/ 11 KB
5 KB 39ms
38ms Script
application/javascript 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1433587
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Nov 2020 16:06:06 GMT
server: cloudflare
etag: W/"5fb5466e-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmCmdnLZMadIo2TD9Uvd0wQaIAtgJG4K4rBDll0xEgDyBoHxYZ%2BhW9CkgmBJbM4lmgy2Kk7ciDgCCEjBmnrdONNqLXADVCGbc9DSCrEQr1LLqa10Hu4u7M2guoY4G6dwvaQi5w%2F%2BKfgzjDszyPGXRps%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0d7e1106b2-LHR
expires: Mon, 03 Apr 2023 00:10:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 186ms
91ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3073985723087695

Requested by

Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17b61fc9d02b3bc06af65d0af208ae3a6cd190b31fd914122c8a209ad3c5ab3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Origin: https://live.hotnewsmm.xyz
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48467
x-xss-protection: 0
server: cafe
etag: 12843135514008836693
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 14:23:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 227ms
135ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-203682812-1

Requested by

Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f810de46471d174c95cb4b8f8ed92a897e46e421c3b08b95a053257e5ab04db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45710
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Mar 2023 14:23:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
82 KB 143ms
63ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V8FD1SYQLQ

Requested by

Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c471c0e628b3d4e812dd18a9b380ac8c79899dbf3b164e50e681095bda209fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83549
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Mar 2023 14:23:31 GMT

GET
H3 200 wp-emoji-release.min.js Show response
live.hotnewsmm.xyz/wp-includes/js/ 18 KB
5 KB 64ms
64ms Script
application/javascript 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1434095
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 12 Apr 2022 12:56:22 GMT
server: cloudflare
etag: W/"625576f6-48b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQhbYyU44vexgr8%2F5Cvm02sW8qA0o5lhojzuBM8%2FyWDMb7WTBH%2FFs%2Bnw1F4vgI32M7AtFLIZG3n3ctJiFvfoy%2FW7SR%2BkiyEMDiyDYkWjdt1r4fFVOm%2F1lm%2F6ukYb479FohF3Kv3y2a%2BwcVnzeqG%2FJqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0e188b773d-LHR
expires: Mon, 03 Apr 2023 00:01:56 GMT

GET
H2 200 genericons.css
live.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/genericons/ 28 KB
16 KB 44ms
38ms Stylesheet
text/css 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/genericons/genericons.css
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/genericons.css?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/genericons.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1432930
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-6e6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOz17sayEQoPbF6DFwODs8q3o6m3EfCpD0mhLQhYsfnOdjTiIH9T%2Fs3eeLVqS7Bt8tnPI0raz%2BKxJ3DvSCi9tHVMLwAkK6ynl8fEQrhPuLsZkZri9LGNpw0aHVeoY26kADsYSivfAnbAaRW1TDhjOdo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0dbe4c06b2-LHR
expires: Mon, 03 Apr 2023 00:21:21 GMT

GET
H3 200 cho-4.jpg
live.hotnewsmm.xyz/wp-content/uploads/2023/03/ 41 KB
42 KB 51ms
50ms Image
image/jpeg 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.hotnewsmm.xyz/wp-content/uploads/2023/03/cho-4.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: fdfa58611e601da60b2897ad25cd381b93f18b9414d85913cf051fe176e8401f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40081
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42110
last-modified: Mon, 20 Mar 2023 02:06:45 GMT
server: cloudflare
etag: "6417bfb5-a47e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j94nOw7hG1HdK%2BKtfy1RrGU%2BAPgpk9vSQjIK%2FWKHyDMeiLiVBZj5MhNQ5NNd17ns0QNx1JbUZyE%2FxKx4vGnekwxzNVK0POvpHSKxHxlrWFdOUMrjFF0hjyt4UirFT6%2FY3Q5cLjHYCI0XYAwufyJ8Vms%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7aae9d0e895c773d-LHR
expires: Wed, 19 Apr 2023 03:15:30 GMT

GET
H2 200 Man-Utd-star-Alejandro-Garnacho-4636458.jpg
cdn.images.express.co.uk/img/dynamic/67/590x/secondary/ 37 KB
37 KB 235ms
95ms Image
image/jpeg 2600:9000:2490:600:1d:b722:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.images.express.co.uk/img/dynamic/67/590x/secondary/Man-Utd-star-Alejandro-Garnacho-4636458.jpg?r=1679251938438
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:600:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5044282488bb118b2f5a2b1d9c49b022e187390846387de4f5b6f71bb651017d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 47
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 37494
last-modified: Sun, 19 Mar 2023 18:02:03 GMT
server: AmazonS3
etag: "c97c5fc4227804b44383dacf2a1e86a5"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=300
accept-ranges: bytes
x-amz-cf-id: TRaQNjTlmcBecg_xijY5GRZPWx64KMA_6w6qhlIkZdGZNeFk6edABw==

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 25 KB
8 KB 133ms
36ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5ae2b18203325ac2876b69455e08e3eefa59a4dca46ee55b033f1fbd80b28b5b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 10:57:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6357c112-63df"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 20 Mar 2023 15:23:31 GMT

GET
H/1.1 200
OK granacho-16786612925892145300855.png
images2.thanhnien.vn/528068263637045248/2023/3/12/ 819 KB
820 KB 2492ms
375ms Image
image/png 103.90.222.26
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images2.thanhnien.vn/528068263637045248/2023/3/12/granacho-16786612925892145300855.png

Requested by

Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

103.90.222.26 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

VCCloud CDN / 248.6bad7431bebec8ad4ac33a9481085f93 /

Resource Hash

c9c5d16c69195dcdee08bb0968f08d1437a32f3d42209a3e3c28c252cc6f63e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 14:23:33 GMT
X-Content-Type-Options: nosniff
Age: 658901
X-Cache: HIT from da09.vn12.swiftserve.com:443
XCache-Created-At: Monday, 13-Mar-2023 05:51:55 +07
Connection: keep-alive
Content-Length: 838520
X-XSS-Protection: 1; mode=block
X-Accel-Expires: 3600
Server: VCCloud CDN / 248.6bad7431bebec8ad4ac33a9481085f93
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Accel-Expires: 3600
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With

GET
H2 200 Alejandro-Garnacho-vape-4636481.jpg
cdn.images.express.co.uk/img/dynamic/67/590x/secondary/ 36 KB
37 KB 191ms
52ms Image
image/jpeg 2600:9000:2490:600:1d:b722:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.images.express.co.uk/img/dynamic/67/590x/secondary/Alejandro-Garnacho-vape-4636481.jpg?r=1679251938524
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:600:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9e8722e8c411c31be6e69ba0c29d37521b9582eec6ab752c83a4a6660b7c577

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:22:18 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 112
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 36988
last-modified: Sun, 19 Mar 2023 18:28:47 GMT
server: AmazonS3
etag: "b1de241e4a0123c34b355a41dd5fa453"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=300
accept-ranges: bytes
x-amz-cf-id: euBEAMi5TgoqgcTm8eqxkjtIwTsu1-bnwK4NC98dW1GvaNStKb4luw==

GET
H2 200 ds.jpg
znews-photo.zingcdn.me/w660/Uploaded/mfnuy/2023_03_19/ 26 KB
0 2071ms
589ms Image
image/jpeg 103.39.92.67
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://znews-photo.zingcdn.me/w660/Uploaded/mfnuy/2023_03_19/ds.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.39.92.67 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Universe /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
last-modified: Mon, 20 Mar 2023 14:23:33 GMT
server: Universe
age: 91378
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 172349
expires: Sun, 18 Jun 2023 14:23:33 GMT

GET
H2 200 4636464.jpg
cdn.images.express.co.uk/img/dynamic/67/1200x712/secondary/ 143 KB
143 KB 262ms
124ms Image
image/jpeg 2600:9000:2490:600:1d:b722:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.images.express.co.uk/img/dynamic/67/1200x712/secondary/4636464.jpg?r=1679251938535
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:600:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45e51aa0f856a074f6c4165df263cde72d31e0ba167b7a0f74bbfa00f2dab3f5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 145959
last-modified: Sun, 19 Mar 2023 18:14:51 GMT
server: AmazonS3
etag: "7ac44a2faf255db39629dc919a75688e"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=300
accept-ranges: bytes
x-amz-cf-id: DOgGRKVEYLdp3rgqpy_XUglh82JY9G_NibSlkU395bn3Iy_O3BKGww==

GET
H2 200 f532f507e34bc1259853e44e79abd1ae
secure.gravatar.com/avatar/ 2 KB
2 KB 100ms
31ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/f532f507e34bc1259853e44e79abd1ae?s=120&d=mm&r=g
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5faa5febd660adcf719fc8dc56871d868e4a084c176abd34683dd2e14c3ef7cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT lhr 3
date: Mon, 20 Mar 2023 14:23:31 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="f532f507e34bc1259853e44e79abd1ae.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/f532f507e34bc1259853e44e79abd1ae?s=120&d=mm&r=g>; rel="canonical"
content-length: 1770
expires: Mon, 20 Mar 2023 14:28:31 GMT

GET
H3 200 superfish.js Show response
live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 7 KB
3 KB 140ms
140ms Script
application/javascript 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/superfish.js?ver=6.1.1
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1434095
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-1d7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zV7F8NsUYrc0GE6WK%2FSMBrOP2UNScr3sih0Wr0hcbZQC7GKLZvwPQIiCe3ioVXRtRPFK7geiAkRmtlT%2FC4X9%2FV%2FzA99XEKuCN112B7aD6OseYHXFTaUPvY9kKplVIGB72Suotwp2EpiIkDXSL78sWb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0e996d773d-LHR
expires: Mon, 03 Apr 2023 00:01:56 GMT

GET
H3 200 html5.js Show response
live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 10 KB
4 KB 47ms
46ms Script
application/javascript 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/html5.js?ver=6.1.1
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1434095
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-285a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5CovXTONKXcsG%2B1sPS2IBV5J9isKvk39OCKxC%2F0wJKODqdV0f6cAND0hnh6E0Zw1iJzrWiA2gZKIiIkikFesEs7bGxnMTO15uS9nx563j9HzMpME4gQBFUhf3J%2B9rL%2Bf2kYVfEqeEnRWmmqqY6qf1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0e9971773d-LHR
expires: Mon, 03 Apr 2023 00:01:56 GMT

GET
H3 200 jquery.bxslider.js Show response
live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 66 KB
16 KB 140ms
139ms Script
application/javascript 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/jquery.bxslider.js?ver=6.1.1
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1434095
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-107e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ll5ETjuJp%2B%2FKsw7jW9QwCPcJF%2F4eu6D5Uh2MDIcn1iJm3X4JXuy1ngxvVU1ECOigffH2XK1URijPQSBer21JcPjiaDaIgFBlqRbv627F0Zx%2BOG9O2%2F4WSYYHblOd2tzLgsVWjqn170u1lndIb%2BO3GGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0e9975773d-LHR
expires: Mon, 03 Apr 2023 00:01:56 GMT

GET
H3 200 jquery.tabslet.js Show response
live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 6 KB
2 KB 140ms
139ms Script
application/javascript 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/jquery.tabslet.js?ver=20220617
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: a7fe9347c265a8ef227a2c0e3e0e6e62e75f14784355f556fa9ddb864c5753f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1434095
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-1701"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2yLOXrx%2FZWGQTrM7X1jGMoPRuAN2UOGMprYG7NSkv1FRDo1xWjVDtXA%2BhdSWvP8dz%2Bvy3EMn%2F9phuntCMRG00WqJFF8OMHZi%2BI3V9Gb9IcRrPMPX3S%2B%2FuI4Ujv%2BSk%2BGYvJwR9ywV%2FqQIX4pguTiU1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0e9978773d-LHR
expires: Mon, 03 Apr 2023 00:01:56 GMT

GET
H3 200 index.js Show response
live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 30 KB
8 KB 141ms
140ms Script
application/javascript 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/index.js?ver=20220617
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 85d3987a45a0fdca18652344761e0dce4f3616d51f7788ad3447c18a8eea5291

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276012
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-777c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsP%2FaGz1K2X00eKVJsz1cUyZ%2B0PKuTlQWrNO0ti5EXZ%2FllijfIaPudWyDWHh2nxtvkqYJE6fDOgTykyXWucuXOAl%2FFBcZs8znqJQMQJpGYS8IqWOt3LvZOopM%2Bkbjx45zShyN1PmoAvVQ0SmpWWygkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0e998b773d-LHR
expires: Sun, 16 Apr 2023 09:43:19 GMT

GET
H3 200 jquery.custom.js Show response
live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 3 KB
1 KB 141ms
140ms Script
application/javascript 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/jquery.custom.js?ver=20220617
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: d8e8b70424cd0f3f1f5a9285e3b0d2a0d5546f371544550969facf69b81a0d90

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1434095
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-b53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJk2dmbvbLr4PtpqMHmHMTTczGTLUEeX7eiRT4BG3oGUZzUKIbF0obY0K%2BuFhVpQScX5AL1DePF6OiwE54LVjsfI8PNAxjxjPwRTOoPJAh8qW2V%2FJor2QDTIQ2LbgWo8w%2F0oEajao%2FLuhJlWeDreapE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7aae9d0e998e773d-LHR
expires: Mon, 03 Apr 2023 00:01:56 GMT

GET
H2 200 player.js Show response
cdn.unibotscdn.com/ubplayer/ 169 KB
61 KB 154ms
43ms Script
application/javascript 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/player.js
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-37.datapacket.com
Software: BunnyCDN-DE1-1080 /
Resource Hash: 4559580e9c218381ef9e14d17c63c4aefe396b2d304538375418c101d1ff95ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
cdn-edgestorageid: 1049
cdn-storageserver: DE-197
cdn-cachedat: 03/20/2023 05:28:02
cdn-pullzone: 873945
last-modified: Mon, 20 Mar 2023 05:27:40 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 336
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6417eecc-2a3f7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: e0afbcec8f589573e1d04591b9b2d3f2
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 fontawesome-webfont.woff2
live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/fonts/ 75 KB
76 KB 72ms
72ms Font
font/woff2 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/css/font-awesome.css?ver=6.1.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://live.hotnewsmm.xyz/wp-content/themes/blogmn/assets/css/font-awesome.css?ver=6.1.1
Origin: https://live.hotnewsmm.xyz
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1770
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: "6324154e-12d68"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4F3jWD9IkAes1jJGJsep2kyQsrYQYlo%2BBUTz4dl8SgzrKvuBag6eCpw7ogujO4EUOx2SU5E2uO32AEqGIL%2Ba4vMMr7LrLwx2r3yYaQ3%2BOrMMg57U9qD81ViZpkcz0x3QV2V6NUfub8Fy1yvEjDSzTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aae9d0e998f773d-LHR

GET
H3 200 anh2-1-305x200.jpg
live.hotnewsmm.xyz/wp-content/uploads/2023/03/ 16 KB
16 KB 151ms
150ms Image
image/jpeg 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.hotnewsmm.xyz/wp-content/uploads/2023/03/anh2-1-305x200.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 39e02ec52b7cd0b075979ede40415dc0e6bd3261dd8b0dde2bab139d4e8222ae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16235
last-modified: Mon, 20 Mar 2023 14:21:07 GMT
server: cloudflare
etag: "64186bd3-3f6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrliPaVw6XTzEHdFjgYwASy3Mvy5DOECCtUlQb1PN4lsZDAFZawGrGjTzv4l%2BZwkinNHDDqcCGwfol3He8RoyFBmC8DKJPuVY8AL0q0lLvjfBTexmJ75TP18%2B%2BNFVCZglq2SFsTWIdKCBEurk3UUPDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7aae9d0eb9b6773d-LHR
expires: Wed, 19 Apr 2023 14:22:47 GMT

GET
H3 200 anh-55-305x200.jpg
live.hotnewsmm.xyz/wp-content/uploads/2023/03/ 18 KB
19 KB 151ms
150ms Image
image/jpeg 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.hotnewsmm.xyz/wp-content/uploads/2023/03/anh-55-305x200.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: e7c0414c684bfa4486c8b0b0cd11410cebc03d78bc913a06382203cc80719541

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6840
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18563
last-modified: Mon, 20 Mar 2023 12:28:16 GMT
server: cloudflare
etag: "64185160-4883"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BIvdMCwP%2FbzZbyYl2xmLAedUpvWzSlm%2FYH3rCiT1XBwS3HrGTxFR9AuqtHPLgxNAqCxjb%2FZSOHE21PYjibg1zFRf0XE1%2BDcb0N8EZjiTy7z%2BwESKZ695nh1xI%2BpHJaNqsPneylvhi6KxiaxwchE3hU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7aae9d0eb9b9773d-LHR
expires: Wed, 19 Apr 2023 12:29:31 GMT

GET
H3 200 zoro-wrong-ship_11zon.jpg
live.hotnewsmm.xyz/wp-content/uploads/2023/03/ 79 KB
79 KB 152ms
151ms Image
image/jpeg 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.hotnewsmm.xyz/wp-content/uploads/2023/03/zoro-wrong-ship_11zon.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 849e42e2182fd13ce149850f53374cb6c0dd7ee4a87e033a23b3047128164aa4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77183
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80503
last-modified: Sun, 19 Mar 2023 16:51:33 GMT
server: cloudflare
etag: "64173d95-13a77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RfUo%2FYk7tE%2FDc%2BNDGLO0mQdNiMtmaAdiIbS1SnJA6Gjy2G8jtwcoVGwHJhSeJYcYH%2B0kuyJQ9OCWJ39K5DznYY1fgDJuQhARfVI7J1jhNC7EdeL0wv93%2F0k5hZrWlABi09H77IcxWm3yunScMe0fWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7aae9d0eb9bb773d-LHR
expires: Tue, 18 Apr 2023 16:57:08 GMT

GET
H3 200 anh2-1.jpg
live.hotnewsmm.xyz/wp-content/uploads/2023/03/ 54 KB
54 KB 181ms
180ms Image
image/jpeg 2606:4700:e4::ac40:aa26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.hotnewsmm.xyz/wp-content/uploads/2023/03/anh2-1.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 22bf44cc06799d79558157036279433076f4f4c1dae02fa3daf94906fc550ac2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 99
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55190
last-modified: Mon, 20 Mar 2023 14:21:07 GMT
server: cloudflare
etag: "64186bd3-d796"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5a3nQZSwpLG3ZDo%2B8dNsM173XgG%2BYXHf9LgNo7nGZiI%2F6Spf8GUCt0HkhHa4IKVemABviy9I54Cx1t%2FOj%2FoOP4Uw%2Fof4JLK6tGUVf8llYtFhu4xBrIalMYyzFDosoPGXc6ZJRuDxey1lX2Zu9CwSlM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7aae9d0eb9bd773d-LHR
expires: Wed, 19 Apr 2023 14:21:52 GMT

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 71 KB
22 KB 75ms
74ms XHR
application/json 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=live.hotnewsmm.xyz&pzoneid=8725&in_iframe=&position=btf&screen_width=1600&screen_height=1200&top_domain=live.hotnewsmm.xyz&top_url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&domain=live.hotnewsmm.xyz&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&referrer=&async=1&uid=5770589730
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e1c150a784ff7261cc614a33314ba4f5c98f82d968fc719a954b85c26a98eda6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: https://live.hotnewsmm.xyz
date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/xaluanau-network/ 286 KB
43 KB 110ms
31ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae5aa53ef20713196ea8df5240200659b2d589fb1b01604d8166d9d6f9032211

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: gAJXfSdWVduyHDTOo3dHgPd_fabuVWEC
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 Mar 2023 14:23:31 GMT
x-amz-request-id: CCEJPWCGX4QECPWP
age: 14433
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 43745
x-amz-id-2: ygtZClO3j5mirN1RwlhM8KD/g+crSJjQefKd5dw3JF2FaqyqjOs0fbr5EixjqDDFr8Ch6Py19qE=
x-served-by: cache-lon4239-LON
last-modified: Mon, 20 Mar 2023 10:22:28 GMT
server: AmazonS3
x-timer: S1679322212.839668,VS0,VE0
etag: "51c0a0dba5a1a745f41f783f56009ab2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 63
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 98

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 350 KB
117 KB 194ms
104ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3073985723087695&plah=live.hotnewsmm.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3073985723087695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5380162498ca0d298a0d0b4a791542d972f0d0d616f8255126a8e73dab1332e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119660
x-xss-protection: 0
server: cafe
etag: 8110485416922946079
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 14:23:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame 9FCE 10 KB
5 KB 133ms
41ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3073985723087695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 46840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 01:22:51 GMT
etag: 2378337311435320485
expires: Mon, 03 Apr 2023 01:22:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-203682812-5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203682812-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be31352c0d78585ebf18c903b26311efc0b63b9266d9149474067aff86fe49d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44756
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Mar 2023 14:23:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 116ms
31ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203682812-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 12:28:17 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6914
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 20 Mar 2023 14:28:17 GMT

GET
H2 200 moxplayer.css
ad.vidverto.io/js/moxplayer/ 51 KB
8 KB 38ms
37ms Stylesheet
text/css 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-cbf7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 20 Mar 2023 15:23:31 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 154ms
52ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0afdfec0cc81ad101710150812834831dd21e1d766c380af5114509ff56b7eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123281
x-xss-protection: 0
expires: Mon, 20 Mar 2023 14:23:31 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 38ms
37ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 20 Mar 2023 15:23:31 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 59 KB
13 KB 40ms
39ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 04a436758e8992373a49eb612d5b5f54a6fe9e6b1aedab24b510411630fa99b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 18:13:12 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6144dab8-ea58"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 20 Mar 2023 15:23:31 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 87 KB
23 KB 43ms
42ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69e9bf8cabef87d7a120c9089bcc39139a0c79071355daae37e4a2ff223e4f66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: gzip
last-modified: Tue, 14 Mar 2023 19:14:09 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6410c781-15dd6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 20 Mar 2023 15:23:31 GMT

GET
H2 200 vidvertoplayer.js Show response
ad.vidverto.io/vidverto/player/ 129 KB
41 KB 71ms
71ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 07:44:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdedec-205ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 20 Mar 2023 15:23:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-93483023-9

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b990f0c6934b5f7dd71e2b708f8835e8476d994449fc45bfe8c12c3ac80e3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44629
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Mar 2023 14:23:31 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 121ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V8FD1SYQLQ&gtm=45je33f0&_p=1842950848&cid=1578177201.1679322212&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679322211&sct=1&seg=0&dl=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs&dt=Man%20Utd%20star%20Alejandro%20Garnacho%20hastily%20deletes%20vape%20from%20picture%20during%20Fulham%20clash&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V8FD1SYQLQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.hotnewsmm.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-93483023-9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203682812-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4a0ef38673b76bc063e2948a08e6c6f296e35497d582de8414d90fb7e97db29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44653
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Mar 2023 14:23:31 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
850 B 48ms
48ms Stylesheet
text/css 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 42ms
41ms Image
image/png 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Mon, 27 Mar 2023 14:23:31 GMT

GET
H2 200 impl.20230320-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 738 KB
154 KB 30ms
30ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230320-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1c1c2c0acbf37a407288dd7fc9961d1922ef3e6526b936211fac48a64681d9aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: FFM_tMmvVC1VCnKtQgrey2IfiAzSw3yF
content-encoding: br
via: 1.1 varnish
date: Mon, 20 Mar 2023 14:23:32 GMT
x-amz-request-id: GBTAZ7FBW4AW4KPY
age: 15185
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 157155
x-amz-id-2: /94nQ+M6k4OTPzUIC4B/haLAuWIpy9kJO8tx5BFV8XKFLpjiBiJpnwBi1haw9bkAbwZZ147CFmA=
x-served-by: cache-lon4239-LON
last-modified: Mon, 20 Mar 2023 10:06:46 GMT
server: AmazonS3-br
x-timer: S1679322212.064851,VS0,VE0
etag: "731f1a8b291898fd07ff0c237c73536a"
vary: Accept-Encoding
content-type: application/javascript
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 17517

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 144ms
52ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:27 GMT
content-encoding: gzip
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 46326
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: yC0g_DOPCp9UdLmdAjdTyUkckLY3cwL3pXEwLQzG3OdlvbXrZlkkxw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 37ms
36ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1842950848&t=pageview&_s=1&dl=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&ul=en-us&de=UTF-8&dt=Man%20Utd%20star%20Alejandro%20Garnacho%20hastily%20deletes%20vape%20from%20picture%20during%20Fulham%20clash&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1136247779&gjid=1081865112&cid=1578177201.1679322212&tid=UA-203682812-1&_gid=1091341078.1679322212&_r=1&gtm=457e33f0&z=1475593875

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.hotnewsmm.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 38ms
38ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1842950848&t=pageview&_s=1&dl=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&ul=en-us&de=UTF-8&dt=Man%20Utd%20star%20Alejandro%20Garnacho%20hastily%20deletes%20vape%20from%20picture%20during%20Fulham%20clash&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1165481541&gjid=539065064&cid=1578177201.1679322212&tid=UA-203682812-5&_gid=1091341078.1679322212&_r=1&gtm=457e33f0&z=530976701

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.hotnewsmm.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 37ms
37ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1842950848&t=pageview&_s=1&dl=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&ul=en-us&de=UTF-8&dt=Man%20Utd%20star%20Alejandro%20Garnacho%20hastily%20deletes%20vape%20from%20picture%20during%20Fulham%20clash&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=529802975&gjid=1825561506&cid=1578177201.1679322212&tid=UA-93483023-9&_gid=1091341078.1679322212&_r=1&gtm=457e33f0&z=1898104100

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.hotnewsmm.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
464 B 55ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=live.hotnewsmm.xyz&callback=_gfp_s_&client=ca-pub-3073985723087695

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3073985723087695&plah=live.hotnewsmm.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39bdfe633a2ee53d37200d717e79e15d7dc1014cd8fd6add8faeb8a240dad516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
531 B 149ms
51ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=live.hotnewsmm.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 148ms
52ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=live.hotnewsmm.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C5C5 10 KB
5 KB 616ms
615ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&adk=1812271804&adf=3025194257&lmt=1679322212&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211761&bpp=4&bdt=344&idt=362&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3143030458980&frm=20&pv=2&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=395

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d251488c9ca5e6de113e970778045f5337aabccde3fd3220036c9f613b7a5fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4499
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:32 GMT
expires: Mon, 20 Mar 2023 14:23:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E2BD 97 KB
33 KB 1175ms
1174ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c22d828ce4cfcc353fd19fb159a27befcdfc329df2de208e8b4c1d487a1a554d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33899
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:33 GMT
expires: Mon, 20 Mar 2023 14:23:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9F0 84 KB
31 KB 288ms
287ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2878163114&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211768&bpp=1&bdt=351&idt=442&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ov5AYzjtZS&p=https%3A//live.hotnewsmm.xyz&dtd=448

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63340719217a1d488dd40cf84fd77f54dc9887ef48b5111214499a45e348671a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31286
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:32 GMT
expires: Mon, 20 Mar 2023 14:23:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bridge3.563.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D89F 708 KB
225 KB 55ms
52ms Document
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7769d34413948b167e8357b1e8322ce3ba32e96571fad70d0eb3406998cb253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 17029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 230581
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 09:39:43 GMT
expires: Tue, 19 Mar 2024 09:39:43 GMT
last-modified: Wed, 15 Mar 2023 22:09:10 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 165ms
57ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Mar 2023 14:23:32 GMT

GET
H2 200 video
ad.vidverto.io/delivery/rtb/ 0
0 46ms
46ms Image
text/xml 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/rtb/video?data=UEllSmgzcFpJdythdmtZOU84UkJITk5CelNaZnFDWGYxNFVZejVjWG1JUEVsRzhvZEw4OUtBYXNnbEZ0Y3RQMWRscXhIRjRVSXRtRWVENU8rRWU2T1htVzF0ZUV6Y1BrbmFab1FGaFRFTWFzYm5HNVhBaGVGMks3cDFZMEVlNkdxUWZyWG95d1FoQ2pFbTkyVzZ6SUc3dDJTZVQvRW9ubHRYenVjK2h2WlFQMS9IclcwclEyZ0tsc1ZjWjdzdHVwdi9PREI4Qk1wYWJSbm9TK3M2Vmhib1R6LytQV1ExYndTSHFDeldaNXFmYkVtYSt1eERzdzhTQmdtNzhtUGtZRUFwek1kUnJVV1FzVFNwRDdTc0VSNS84ZXVwVnNTMmd6OFRYMm00cFlhZlUwdm5HeFRHR000V2ZFTEh4cGdobytlc3pDRnBkUTQ4cy9xWDI0ZWwrZ2o5clRoNzZJVk42MFBCOWcreVhqd0V5TEZ2RGVTa1FZMURsRFRRdGxqM1pBRFRRdmcvWi81SnM1dXRESTRBK3Y4UlpoZDl2T3NJbnVPMkpIT3YzRSt4Ymlvd2lhWG1HN2tmVFQwLzFuelZMSDRIRmZ3MkVyZmNBUmpSVXZVWE1obHd3eXlUZ3dCR254cG1vQSs5djA2dzlERzM2R0pWOGt4Sm8zdFV1dkhXMjloV0ZjMFlaUlIyK1B6OFJKYlhqb0UxaGFWbXlXdVFFaWNlUTgxL1hXd1ZPNTJ4aHdLN3ZTUGhvS2dYaXAvVUtTQWkzV3NNeGh1U0RTSHlFRE53anVCNXNEUXBJZzU1VXp3emJaWnh0dnRLQT0%3D
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 107ms
36ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230320-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 334363
expires: 60

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BC8 23 KB
10 KB 270ms
269ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3673390029&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211769&bpp=1&bdt=352&idt=504&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mvOQLe1PIS&p=https%3A//live.hotnewsmm.xyz&dtd=507

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4efa6855a0003e0d9d350ac6b87b6ea8809fe18d4469caf5c5fa68d59f2d9593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10230
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:32 GMT
expires: Mon, 20 Mar 2023 14:23:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1D31 86 KB
31 KB 471ms
471ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb1c332e100d3945ca1e53f853210247730b1b305cfca79d69dc6882cdcfbb3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31380
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:32 GMT
expires: Mon, 20 Mar 2023 14:23:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679322212326&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgF...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679322212326&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0Lg...

0
190 B

50ms
50ms

Image
text/plain

13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679322212326&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&c8=Man%20Utd%20star%20Alejandro%20Garnacho%20hastily%20deletes%20vape%20from%20picture%20during%20Fulham%20clash&c9=
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 9Vcy6KEOyIfSqRb2_7edwFK7TGBpkln6vtVsyVQvM3Itaxvm5cst9Q==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679322212326&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&c8=Man%20Utd%20star%20Alejandro%20Garnacho%20hastily%20deletes%20vape%20from%20picture%20during%20Fulham%20clash&c9=
date: Mon, 20 Mar 2023 14:23:32 GMT
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 0
x-amz-cf-id: jnAWW1HLmWaX9OaBUOwwxKXC3d-XNNcuDytNnbT8iG9u317hU6S2gg==
x-cache: Miss from cloudfront

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CEDF 89 KB
33 KB 482ms
481ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ebf90fc9d6690595bffcbd4bb1df69043d026a8a0e1660dfa784921b63869d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:32 GMT
expires: Mon, 20 Mar 2023 14:23:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4601 147 KB
47 KB 927ms
926ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

357d56a2dfe1bb58ce926eac893cc2c06e4ea9d83065bac4939e644b5d2dd2cc

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17171710418869759677/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17171710418869759677/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIW6u9_a6v0CFSdEFQgdhLoGJg&gqi=ZGwYZOfJFoSV1wbUgL-QAg&layout=/sadbundle/%24csp%253Der3%24/17171710418869759677/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48232
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17171710418869759677/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17171710418869759677/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIW6u9_a6v0CFSdEFQgdhLoGJg&gqi=ZGwYZOfJFoSV1wbUgL-QAg&layout=/sadbundle/%24csp%253Der3%24/17171710418869759677/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:33 GMT
expires: Mon, 20 Mar 2023 14:23:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
165 B 57ms
56ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=live.hotnewsmm.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 57ms
57ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=live.hotnewsmm.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15C2 76 KB
30 KB 698ms
697ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=600&slotname=4969152155&adk=4189332658&adf=1502878857&pi=t.ma~as.4969152155&w=260&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=260x600&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211778&bpp=1&bdt=361&idt=624&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&fsb=1&xpc=PwEDiN2LNg&p=https%3A//live.hotnewsmm.xyz&dtd=628

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acc6e767760a4a7b2cce7aabd83ea4773ce42aef68b8d357258011b15bab8f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30992
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:33 GMT
expires: Mon, 20 Mar 2023 14:23:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 UzNPZHRaUjV3d3VXQlp1ak84NTlUaXdENFk2TkM0SlMvWDlnRldTWkdmN2s3WThyeHRIRTdQUUQ5YzkxN3I2WUErZ3dIR0NYdDI2ZnVzeVBEcnV4MC9hRjgvMUxTN3Q3RCtRQ2haSmUxK1g4NjFqOW5zcDZIK0ozdjZPdHl6OStRTlhYamZmNHFkS1Y1Njl0VzRTM... Show response
ad.vidverto.io/delivery/video/pod/ Frame D89F 39 KB
17 KB 55ms
55ms XHR
text/xml 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/video/pod/UzNPZHRaUjV3d3VXQlp1ak84NTlUaXdENFk2TkM0SlMvWDlnRldTWkdmN2s3WThyeHRIRTdQUUQ5YzkxN3I2WUErZ3dIR0NYdDI2ZnVzeVBEcnV4MC9hRjgvMUxTN3Q3RCtRQ2haSmUxK1g4NjFqOW5zcDZIK0ozdjZPdHl6OStRTlhYamZmNHFkS1Y1Njl0VzRTME1EYnhaTTBqakcvQWxTdjBYTU9hRWVEK3pLSlhRU1A4czg2WVE4VFdLcm81WGlzTzdyd1E0KzQyUXA4alR6dUFUSzI2a2RCeVBwNkt6ZzFMMFFReVpFb2htT3lQdkdDV0x5SVNLbDYzRUovbHRVU3pNMVE3N0RnYkd5ZU5heXJnSkl2WktPbVRtNnVackI3aGhZYy9Wb0lyVFd5L1czTTRGbHZFYlhqMDhmK2FINWRnM0NLNXFkMjdEdFZ3VUxPS0FqOGcramtVNjJCUDI4c01zaEtFSVN5SnVoRFV5T3RyS2sxR3JUalk1WU5tUFVxR245Zm5xY0RLSGEzbWZ4cDNZdVpTbS9lMmpDclhlYVh4WUU3NlMyV1BPSHY1MW5lOWpsTGo0M08wcWUxV1BSbVdVbDVwdlp0NE9IdXdBTk1zT3lqb21GdWZ1TUNOZzRkemZMd1lrcjlXcXFTVDNuQ2RzNExGb1VHcWFxMUZyRmtWTGZhTjYyaTFhTkJMNGcvNCtDeStJSmJQc3c1RnpJTkF6UUMxUVVkYlpabW4zbHE1TlFMTTNqMWJxS3BiLzNGOTM1TWh3MzZ3enYwVVhBN0hZRVJYVjRGaW8yb0ZwR0hIOHJFdmRJeHErOXJyYThxWGVqcU1BQXN2dWdTSjJGQWVuM0k4a0hJVGd6b2pCMGtsL0d1REo3OGRWaUp1b0JoM2JCMG1MSzIxMm5rUEZmRGlMeTA2OGMydi9OR0VZYVlGbkhCZnJLWTZVbjNLTk5HM0xoTnJuSk1BZkNuVEJtMDdOaCtia2VWRTRHQjRtSEUwY2lPY2NMSFNTaW5ibm9ib2hMQjBlTWEyMmFiNnhHVDVBV0VSdkpodXdBNXRNZWRET3RWQ0VTNmVpUUl4aWJsellKTjUrdi8yTCtLNFAxMW00WGRBSVFBZjlQdFRXOFlJMWc9PQ%3D%3D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 235649053d29728a3890ad95f58b77b333a49b7ab8ee6a5cedbecf4955f9f9af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8

POST
H2 204 csi
csi.gstatic.com/ Frame D89F 0
234 B 384ms
116ms Ping
image/gif 2607:f8b0:4002:c09::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lfgx341a&c=3143030458980&slotId=1571515229490&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c09::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D89F 156 B
414 B 717ms
566ms XHR
text/xml 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22439405700%2Fxemnhanh.info_video_preroll&description_url=https%3A%2F%2Fxemnhanh.info&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=443599077915930&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1147512050&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=954D330A-F81D-43DE-8D1A-E4599D03B825&nel=0&eid=44748969%2C44750824%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&dt=1679322212513&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&scor=206487459308192&ged=ve4_td2_tt1_pd2_la2000_er1638.640.1639.641_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D89F 156 B
413 B 1065ms
916ms XHR
text/xml 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22439405700%2Fxonxao.com_video_preroll_3&description_url=https%3A%2F%2Fxonxao.com&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=443599077915930&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1147512050&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=954D330A-F81D-43DE-8D1A-E4599D03B825&nel=0&eid=44748969%2C44750824%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&dt=1679322212516&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&scor=206487459308192&ged=ve4_td2_tt1_pd2_la2000_er1638.640.1639.641_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D89F 156 B
884 B 629ms
482ms XHR
text/xml 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22439405700%2Fxehay9.com_%2Fvast_4&description_url=https%3A%2F%2Fxehay9.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=443599077915930&nofb=1&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1147512050&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=954D330A-F81D-43DE-8D1A-E4599D03B825&nel=0&eid=44748969%2C44750824%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&dt=1679322212518&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&scor=206487459308192&ged=ve4_td2_tt1_pd2_la2000_er1638.640.1639.641_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D89F 156 B
414 B 1378ms
1233ms XHR
text/xml 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22439405700%2Fxonxao.com_video_preroll_4&description_url=https%3A%2F%2Fxonxao.com&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=443599077915930&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1147512050&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=954D330A-F81D-43DE-8D1A-E4599D03B825&nel=0&eid=44748969%2C44750824%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&dt=1679322212519&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&scor=206487459308192&ged=ve4_td2_tt1_pd2_la2000_er1638.640.1639.641_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D89F 156 B
413 B 1074ms
930ms XHR
text/xml 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22439405700%2Fen.xaluan.com_%2Fvast_4&description_url=https%3A%2F%2Fen.xaluan.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=443599077915930&nofb=1&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1147512050&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=954D330A-F81D-43DE-8D1A-E4599D03B825&nel=0&eid=44748969%2C44750824%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&dt=1679322212521&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&scor=206487459308192&ged=ve4_td2_tt1_pd2_la2000_er1638.640.1639.641_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D89F 156 B
413 B 1352ms
1212ms XHR
text/xml 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22439405700%2Fxonxao.com_%2Fvast_2.0&description_url=https%3A%2F%2Fxonxao.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=443599077915930&nofb=1&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1147512050&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=954D330A-F81D-43DE-8D1A-E4599D03B825&nel=0&eid=44748969%2C44750824%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&dt=1679322212523&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&scor=206487459308192&ged=ve4_td2_tt1_pd2_la2000_er1638.640.1639.641_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D89F 156 B
414 B 1750ms
1612ms XHR
text/xml 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22439405700%2Fxemnhanh.info_video_preroll_1&description_url=https%3A%2F%2Fxemnhanh.info&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=443599077915930&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1147512050&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=954D330A-F81D-43DE-8D1A-E4599D03B825&nel=0&eid=44748969%2C44750824%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&dt=1679322212526&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&scor=206487459308192&ged=ve4_td2_tt1_pd2_la2000_er1638.640.1639.641_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A9F0 6 KB
1 KB 159ms
50ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2878163114&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211768&bpp=1&bdt=351&idt=442&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ov5AYzjtZS&p=https%3A//live.hotnewsmm.xyz&dtd=448

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 13:04:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 14:23:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame A9F0 2 KB
845 B 189ms
80ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame A9F0 22 KB
9 KB 148ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 15:13:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame A9F0 3 KB
1 KB 180ms
83ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:17:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame A9F0 20 KB
9 KB 153ms
45ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9F0 158 KB
49 KB 167ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 14:23:32 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame A9F0 34 KB
15 KB 139ms
42ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 17:46:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 6BC8 3 KB
1 KB 183ms
81ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3673390029&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211769&bpp=1&bdt=352&idt=504&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mvOQLe1PIS&p=https%3A//live.hotnewsmm.xyz&dtd=507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:17:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 6BC8 20 KB
8 KB 153ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3673390029&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211769&bpp=1&bdt=352&idt=504&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mvOQLe1PIS&p=https%3A//live.hotnewsmm.xyz&dtd=507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BC8 158 KB
48 KB 222ms
121ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3673390029&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211769&bpp=1&bdt=352&idt=504&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mvOQLe1PIS&p=https%3A//live.hotnewsmm.xyz&dtd=507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 14:23:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A9F0 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNDR3ZGwYZMSlEPOBmwfQ5rmQBcqa_r9v69ummIkRiJT4h7MCEAEgkc-1IWC7hoCA0AqgAd3Up4opyAEJqAMByAPLBKoE0AFP0BQ09Lu1k4v3Q8mqYeKKq1kqNxvH3P-5nEpts1Z0Cd1oJdBfd7kliXvYXKfw9xJJaaR2FAEOzL7u2MCNFBPRmk6fClmp3yTj-3cncmy2N9KYZ_AEZ2YKuD0a-_GGd4M1BKpZ_URtche35hRyTmE6zGSwy9rhA2pAy_4KJb6tgXSvcTeGUAl_IKeSPDmSmqoIBDtcY0iqraLc1hjDgAbdg5PX2VM5zJqrWz5W1O2rb406OD972bmw7gXc7zWs7ibdGb9TgSSOTkkoxxqxuznQwATT6vbhtASSBQQIBBgBkgUECAUYBKAGLoAH3Yz46QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCzWNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMDczOTg1NzIzMDg3Njk1GAA&sigh=M3yHyhMg1_s&uach_m=[UACH]&cid=CAQSGwDUE5ym9o5gQ2mc6-xmZP5w_tz-8kK-7pfXNBgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2878163114&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211768&bpp=1&bdt=351&idt=442&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ov5AYzjtZS&p=https%3A//live.hotnewsmm.xyz&dtd=448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 14:23:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Mar 2023 14:23:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6BC8 0
0 89ms
88ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJvErZGwYZJCfFJPA1fAP1ae7kALkj9KxXP_Q2ZGIAcCNtwEQASAAYKECggEXY2EtcHViLTMwNzM5ODU3MjMwODc2OTXIAQmpAk1vhCkrdLQ-qAMBqgTKAU_Qz7SVCSWAsTxp7gMZB6XjCoNAzdY7KoNAzuQ1_JA_cIQUa8weSYc8n5HcAufY7oL2p4wDEVwuWKdkihBhJAwju10IRNRQPM-Ilnr-JyYJ_XG3vzRwVk8rqx-_BkHWbGxEnJGWSz1El73SubuyLZMocDyd9odAyBtkCft6zDSMGuLkPpnLksFPHZ7kSkIMU0ZAIKYzA77cONPCYaehc8jbhVVZnzYAf_w8XZlZH4BraXRpAKXCLPuNC0xMQK_sdOag1xb2598qP9-ABvyQiqDrgKSC-gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMDczOTg1NzIzMDg3Njk1GAA&sigh=JLw5FWHstWY&uach_m=[UACH]&cid=CAQSGwDUE5ymIo3r_5NR4ykUiyycvyJbIr6Q31AMtRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3673390029&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211769&bpp=1&bdt=352&idt=504&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mvOQLe1PIS&p=https%3A//live.hotnewsmm.xyz&dtd=507

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3673390029&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211769&bpp=1&bdt=352&idt=504&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mvOQLe1PIS&p=https%3A//live.hotnewsmm.xyz&dtd=507
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 14:23:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Mar 2023 14:23:32 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 6BC8 0
0 111ms
33ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kK--FL_6RLQGmAKH-lcYAgAAAM3wNxMKCtkxEGNsGGQWBBJgc8j3mkRvAAASAAAKDkFRVURBUVlCQVFFQkFR&wp=ZBhsZAAFD5AIFWATAA7T1W-rwPL_LrpYBTHHlA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3673390029&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211769&bpp=1&bdt=352&idt=504&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mvOQLe1PIS&p=https%3A//live.hotnewsmm.xyz&dtd=507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 160650
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 863B 123 KB
44 KB 333ms
166ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBhsZAAFD5AIFWATAA7T1W-rwPL_LrpYBTHHlA&u=%7CgcYhTbAqFn5ztt%2BiaW0RWZUmkkhVQ0xqdQBbHiXlFQw%3D%7C&c1=jWCgqsKSUoVBn20AqVVxCoPRAm90aLzgrVfB2QwD7M7-VvQP7hbx63Ayr2R8qzA_xZLqQBP3g92w3knXhe9dhIszxviH2kvtsfp6VPu5YRoDqxSq5-AbidLshSDf8EZe1FiErS6Ra1Znrx1KZPGfU1aOyNlSetLqTNIEwL58MpSjvuC-cb2fB4-ujtVOmPLoSj_9v5-67-pNJAs4bBTJBXXqKyN3hEINJrsr2t5pXkrQ6wJcHs2-aeT8sTzxdmtYnwQOkaQ2ErolraISRGbZLYGohfBTtPhuDZ_clXNGhiXFIBbbxkvBj6grHDTZnP3sw1fX3XmnjCk30ct8Bt3aV3l7zGcImsHBGYt9pbDzapvSZ3Cw85N0xw8wrI3S2CsZMfhgBMH5UpJNAalQNaOfAl-jMmDNK6dRT_XuFgFc-r65XVe0ukFqEp4hy6c18fJmCjZoZNlrtG3VlWaeW9g3ddvAMr3fnngpuy9FOAY3Eb2AyotFnpWsa4kyJ6ze7WQhmneDavGo7qwUs7Xi0hFBroZA5VjT5aBQfeBdJGtiOwkPXffIJLSz9mTeZpJszz3NYw1uxNm_jtpQwA83jwyjm-TieGL11Ifx-SUWMX6mnKk8S5wP-ev1urXMFUWtaDvSjwVmWJvwCZ8c234myjjhAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzwJFZGwYZJCfFJPA1fAP1ae7kALkj9KxXP_Q2ZGIAcCNtwEQASAAYKECggEXY2EtcHViLTMwNzM5ODU3MjMwODc2OTXIAQmpAk1vhCkrdLQ-qAMBqgTNAU_Qz7SVCSWAsTxp7gMZB6XjCoNAzdY7KoNAzuQ1_JA_cIQUa8weSYc8n5HcAufY7oL2p4wDEVwuWKdkihBhJAwju10IRNRQPM-Ilnr-JyYJ_XG3vzRwVk8rqx-_BkHWbGxEnJGWSz1El73SubuyLZMocDyd9odAyBtkCft6zDSMGuLkPpnLksFPHZ7kSkIMU0ZAIKYzA77cONPCYaehc8jbhVVZ3TQh7S-er5zK7Y_z6hD1q6bWJkeHJVSXzjSI6EcfyTruNljAOkyxpEyABvyQiqDrgKSC-gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13oFVONtpaoXd7Sn13Y-Lh4bVdhQ%26client%3Dca-pub-3073985723087695%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3673390029&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211769&bpp=1&bdt=352&idt=504&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mvOQLe1PIS&p=https%3A//live.hotnewsmm.xyz&dtd=507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3eb8f63bc90af0d8d6754cf3c0a7d6ddced9fc7734caeaf3faee8944d1124d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:32 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=aHFAAxxXAB2H3k2J6KVUJgB_UzRqLmtPFSY-ORQd7SfZTC0nAWRVUReOeM47qcCQnpuRzx4qV8Tr10OYt-n5kE1yO4E5w9nSqGIENLl1aTz2pbucblaHrdeJQ4rUZOCc3udHopSUl8oelAg54QP5VqNBvpLV6wYLqrNQX9xUDiKSs15Py3mV5ukVimGChEjzkmTeXx-dp1qhhCK7YnnhAMSMgZrEteIkzTnBv7i3xqc5KgSTLoDDMn3q4SCIi-mQruKwEA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 78593766
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/93511984737680329/ Frame A9F0 11 KB
12 KB 173ms
84ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/93511984737680329/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c0664a6ed925e9b0fc6891d739594e645ce446270b376844cfdca802ad6aca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 02:57:30 GMT
x-content-type-options: nosniff
age: 473162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11739
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 22:26:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Mar 2024 02:57:30 GMT

GET
H2 200 json Show response
trc.taboola.com/xaluanau-hotnews/trc/3/ 81 KB
22 KB 523ms
510ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/xaluanau-hotnews/trc/3/json?tim=14%3A23%3A32.784&lti=deflated&data=%7B%22id%22%3A348%2C%22ii%22%3A%22%2F213581%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1679307739668%2C%22vi%22%3A1679322212781%2C%22cv%22%3A%2220230320-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN%22%2C%22vpi%22%3A%22%2F213581%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7431%2C%22qs%22%3A%22%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%22%2C%22nsid%22%3A%22xaluanau-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dxaluanau-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A5996.0625%2C%22mw%22%3A820%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F213581%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dxaluanau-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230320-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bc0f977321db7b15e8aed56295feb8dc950978d31670e06937cce5fc5208187

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 480
date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-lon4239-LON
server: nginx
x-timer: S1679322213.811184,VS0,VE480
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://live.hotnewsmm.xyz
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1D31 6 KB
745 B 56ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 12:52:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 14:23:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 1D31 2 KB
799 B 73ms
65ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 1D31 22 KB
9 KB 58ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 15:13:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 1D31 3 KB
1 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:17:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 1D31 20 KB
8 KB 63ms
57ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D31 158 KB
48 KB 116ms
110ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 14:23:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1D31 0
0 87ms
86ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2CYWZGwYZJOoFYvM1fAPgqqpkAbK46TCb9qRiOClEYGA9L7CARABIJHPtSFgu4aAgNAKoAGh2YKZKcgBCakCPoI-J8vxsT6oAwHIA8sEqgTfAU_QXSgXTR4PY2wF2xb91UIwChB7ACq41Vh8L3cxJ2hRHSRrjYmtiP69z4tjStPtRXyxDwG7m3iUP2UeJTermbGZv8j9f_U16XWygKO5Y1h4qGumkAqYHJfWDK-WrjjKuE0ZR95iFPlXXA0hHto5OeZ3YzZb9YhqAl7C_lJz9lFWag_anWs3CSd933XaFvsDa_UX2UnqAQrcLhFWL3TPefnOirz5qyqzm4Fjnl1NDZeel19HVqKstuQDcJz9DbhgFGnVgpB5MvzfGgHJZpJOvEUmdNdI3g37fay56apfXH7ABOen9dioBJIFBAgEGAGSBQQIBRgEoAYugAehkdP4A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEORf0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTMwNzM5ODU3MjMwODc2OTUYAA&sigh=zfp0CLVwjZ8&uach_m=[UACH]&cid=CAQSGwDUE5ym5SrazoTQ4EdD2H7Hx6xL-rG47uXQeRgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 14:23:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3827523759880838300/ Frame 1D31 15 KB
15 KB 62ms
61ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3827523759880838300/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d446fcf37af83e12e12e348cac38d3c910a1269e29ad27da66afcd79eb51ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:29:04 GMT
x-content-type-options: nosniff
age: 208468
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 11:59:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 04:29:04 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1082895842343733766/ Frame 1D31 2 KB
3 KB 73ms
72ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1082895842343733766/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69e610e63fe0e471f194e35ce48e403148432684e75d4c7e83264fd12e917b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:39:30 GMT
x-content-type-options: nosniff
age: 420242
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2555
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 10:37:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Mar 2024 17:39:30 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 1D31 34 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 21:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 21:13:26 GMT

GET
H2 200 15224584727255003794
tpc.googlesyndication.com/daca_images/simgad/ Frame CEDF 107 KB
107 KB 66ms
66ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15224584727255003794

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d41f7c34fe91a733b1f7afff4b479b66c5bd119ee46bdb1dbcdef806d7ca3ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 05:26:31 GMT
x-content-type-options: nosniff
age: 205021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109462
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 07:45:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 05:26:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame CEDF 22 KB
9 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 15:13:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame CEDF 3 KB
1 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:17:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame CEDF 20 KB
8 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEDF 158 KB
48 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 14:23:32 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame CEDF 34 KB
14 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b21d3c84a56e96a787129c9b016a36df3ee65aadec3d5c693c5e88eb808e76de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13869
x-xss-protection: 0
server: cafe
etag: 12751962951837030032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CEDF 0
0 88ms
87ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcINVZGwYZIqfF5GT1fAP5KWFqAG-tvi9b_u094eZEfuh_PXVNRABIJHPtSFgu4aAgNAKoAGBoaS5KMgBAqgDAcgDyQSqBNoBT9BT8pjmy4kTKtccgw4cXEbnU7HbUZeluE-27bVvFAhIntRpoLJxjA-eQKNTbgwOq7NnrFaf2UMOclzJ7PMk9Ik1eSXHx3ocWjvwIofEp1dfH3iLeIo-xohA3uOb-Zu3NMNnFYbspNSmgyhrVQHkgl4GooY29XM4eYv-UWZKApb-W7ZEtTBksujtDnla0Zlk8NL8grDEOJN00gUVoY3h1MZmLKyqY0D1bh4wkL231B02OsDkWwurfLGZYk5_DVfBfjglFW5LFZJduTimB-kpxkrz5yRZZ-eNpFPABPOY2-iuBJIFBAgEGAGSBQQIBRgEoAYCgAeB2fSYA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO-SAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTMwNzM5ODU3MjMwODc2OTUYAA&sigh=jSzB9HPs3N4&uach_m=[UACH]&cid=CAQSSwDUE5ymteFpxk4J-uNd7Wdsq8RtHMFSZNOn5T4tQ-yaVP8R4dSCaFsva7c2ncZu5Y9hc_BdCv2OpzUtJVq-533M62ImwG6-vsqVphgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 14:23:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A9F0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24e9c0a2c28d7d47264d174392bc87da4477b613e48d05828b578373cb267708

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6BC8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01def5089442d635c894f137b8303b065e073f6f9d062ad3d5cb7607526d3666

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1D31 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6335371655876fd9d72874902a9be510c002b9b9b7aaf424702603a9b404663e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EFAA 143 B
166 B 42ms
42ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 13:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A9F0 15 KB
16 KB 138ms
43ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 281845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 08:06:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A9F0 15 KB
15 KB 148ms
54ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 314067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 23:09:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A9F0 15 KB
15 KB 196ms
104ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 346677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 14:05:36 GMT

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2592 36 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
DATA 200
OK truncated
/ Frame CEDF 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9242977ce2032fc467c6b4a6eafdf140805193c44be7e51b7aeb10c7e4f5e927

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 863B 2 KB
1 KB 112ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBhsZAAFD5AIFWATAA7T1W-rwPL_LrpYBTHHlA&u=%7CgcYhTbAqFn5ztt%2BiaW0RWZUmkkhVQ0xqdQBbHiXlFQw%3D%7C&c1=jWCgqsKSUoVBn20AqVVxCoPRAm90aLzgrVfB2QwD7M7-VvQP7hbx63Ayr2R8qzA_xZLqQBP3g92w3knXhe9dhIszxviH2kvtsfp6VPu5YRoDqxSq5-AbidLshSDf8EZe1FiErS6Ra1Znrx1KZPGfU1aOyNlSetLqTNIEwL58MpSjvuC-cb2fB4-ujtVOmPLoSj_9v5-67-pNJAs4bBTJBXXqKyN3hEINJrsr2t5pXkrQ6wJcHs2-aeT8sTzxdmtYnwQOkaQ2ErolraISRGbZLYGohfBTtPhuDZ_clXNGhiXFIBbbxkvBj6grHDTZnP3sw1fX3XmnjCk30ct8Bt3aV3l7zGcImsHBGYt9pbDzapvSZ3Cw85N0xw8wrI3S2CsZMfhgBMH5UpJNAalQNaOfAl-jMmDNK6dRT_XuFgFc-r65XVe0ukFqEp4hy6c18fJmCjZoZNlrtG3VlWaeW9g3ddvAMr3fnngpuy9FOAY3Eb2AyotFnpWsa4kyJ6ze7WQhmneDavGo7qwUs7Xi0hFBroZA5VjT5aBQfeBdJGtiOwkPXffIJLSz9mTeZpJszz3NYw1uxNm_jtpQwA83jwyjm-TieGL11Ifx-SUWMX6mnKk8S5wP-ev1urXMFUWtaDvSjwVmWJvwCZ8c234myjjhAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzwJFZGwYZJCfFJPA1fAP1ae7kALkj9KxXP_Q2ZGIAcCNtwEQASAAYKECggEXY2EtcHViLTMwNzM5ODU3MjMwODc2OTXIAQmpAk1vhCkrdLQ-qAMBqgTNAU_Qz7SVCSWAsTxp7gMZB6XjCoNAzdY7KoNAzuQ1_JA_cIQUa8weSYc8n5HcAufY7oL2p4wDEVwuWKdkihBhJAwju10IRNRQPM-Ilnr-JyYJ_XG3vzRwVk8rqx-_BkHWbGxEnJGWSz1El73SubuyLZMocDyd9odAyBtkCft6zDSMGuLkPpnLksFPHZ7kSkIMU0ZAIKYzA77cONPCYaehc8jbhVVZ3TQh7S-er5zK7Y_z6hD1q6bWJkeHJVSXzjSI6EcfyTruNljAOkyxpEyABvyQiqDrgKSC-gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13oFVONtpaoXd7Sn13Y-Lh4bVdhQ%26client%3Dca-pub-3073985723087695%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:23:33 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 863B 2 KB
1 KB 113ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:23:33 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 863B 308 B
637 B 87ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 14 Mar 2024 14:23:33 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 863B 293 B
621 B 90ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 14 Mar 2024 14:23:33 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 863B 43 B
348 B 166ms
84ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zGtEdI9UUlA9jIVHrTzrKwYNhUt8MbnCgCGUvlyS4Wmu2GtyRwYfa-goEsaCRZYKamYGQClslA_tsMYxoJZ1h_XsY_vs6A_ZnJAHu3rWRj4nwOj0_IwvOBQZLqeLIfNxA54qks8IIU_oHRInM9lNmihzKGHzfOKX9Uqwm_Ry-CKVLSaEon9fqSMX-7aTUBVC1gXT0Izf2dGb90dufoXOEAvqfEdzyaXedTwPq0nsw69cms5GPF3JuvRZCGuiscfEJtNk5y9zU9_9zd-_2jWlCV7Sla2-sd7dNFDraqlPgosp6qT-z7PareKYc-5P7S1qw253HB1rnYFISH7DyPH5OZsCiJPv0oL59u7Y4ZDqQzw03OhdkSVy54jT4o8EHW6w8GRdg_nV74F200QDS7yAgumuHAgKlNRqNX9TWdAEaqLg0y_sz33uNfNEwjTsnTLLf2gIBg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2801738
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D31 15 KB
15 KB 123ms
119ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 314067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 23:09:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D31 15 KB
16 KB 92ms
88ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 281845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 08:06:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D31 15 KB
15 KB 133ms
130ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 346677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 14:05:36 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 863B 12 KB
5 KB 102ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 307176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8bpwHnkwZ3aK3WPyHSD5WAjv1ywG64dZofTeq36FWBqCtlJe894HNaV%2BuX%2BdkHmoc3xj7Z21ptG90bwIoDyl3PMVDLy6Sc2gH2ZoiDLV5Y7HhJoGS9EyJ6H80T4uYNq%2FJKPC2GBuEvLu2xIfAox0lmS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aae9d183e4add4c-LHR
expires: Sat, 09 Mar 2024 14:23:33 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EFAA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
58ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:33 GMT
expires: Mon, 20 Mar 2023 14:23:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B0D 36 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=2760247701&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211770&bpp=3&bdt=353&idt=532&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KhSyiZAGtz&p=https%3A//live.hotnewsmm.xyz&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 863B 68 KB
68 KB 140ms
69ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:23:33 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 863B 68 KB
68 KB 143ms
73ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:23:33 GMT

GET
H3 200 5171587519327469232
tpc.googlesyndication.com/daca_images/simgad/ Frame 15C2 77 KB
77 KB 44ms
44ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5171587519327469232

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=600&slotname=4969152155&adk=4189332658&adf=1502878857&pi=t.ma~as.4969152155&w=260&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=260x600&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211778&bpp=1&bdt=361&idt=624&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&fsb=1&xpc=PwEDiN2LNg&p=https%3A//live.hotnewsmm.xyz&dtd=628

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

205758cecf2805a935a8e97b23d97c8c2cc4e75aba61486c1805e3f8b1998ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 07:12:12 GMT
x-content-type-options: nosniff
age: 371481
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78837
x-xss-protection: 0
last-modified: Mon, 26 Dec 2022 06:28:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Mar 2024 07:12:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 15C2 22 KB
9 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 15:13:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 15C2 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:17:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 15C2 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15C2 158 KB
48 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 14:23:33 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 15C2 34 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b21d3c84a56e96a787129c9b016a36df3ee65aadec3d5c693c5e88eb808e76de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13869
x-xss-protection: 0
server: cafe
etag: 12751962951837030032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:54 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 863B 12 KB
6 KB 45ms
44ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:23:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 863B 32 KB
32 KB 511ms
215ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2936&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2936%2F210730%2Fbe53d1bbba0c42199696a0e018949b0c_img_square_1.jpg.jpg&v=3&w=1200&s=TujH_4C7z9g0rk7b8Uggx-8W

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

326095055f1bf218098d0b15d5f2fd61eba1e0392ae3ef16ee62dede80c31ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29008583
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32584
expires: Mon, 19 Feb 2024 08:19:57 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 863B 0
128 B 623ms
456ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=aHFAAxxXAB2H3k2J6KVUJgB_UzRqLmtPFSY-ORQd7SfZTC0nAWRVUReOeM47qcCQnpuRzx4qV8Tr10OYt-n5kE1yO4E5w9nSqGIENLl1aTz2pbucblaHrdeJQ4rUZOCc3udHopSUl8oelAg54QP5VqNBvpLV6wYLqrNQX9xUDiKSs15Py3mV5ukVimGChEjzkmTeXx-dp1qhhCK7YnnhAMSMgZrEteIkzTnBv7i3xqc5KgSTLoDDMn3q4SCIi-mQruKwEA&sds=2&rev=85089&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 14:23:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 863B 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:23:33 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 863B 2 KB
1 KB 37ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:23:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 15C2 0
0 87ms
86ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbyaJZGwYZJO5H-KftOUP3ceC6Ae-tvi9b8KZiIG6Eej-oPDKOBABIJHPtSFgu4aAgNAKoAGBoaS5KMgBAqgDAcgDyQSqBNoBT9BVSVRY36Q5z9Tj2SK39LfVPuPLVtrpGR4w5crwNGtRegGA_dl3zAf5edC5FRuwsavfF2nPLO-B09z4lLSRn3fnE8YCWXdkbXuzSJHUbWeD-YCDnmeCavmWmSeA0XKhXvkynzI_S1v_WKAN0gGCwMEbPE6l8SDH02yfa3qCrfBhPF3M-YD26eG6QANgofE7lI8NhRve2PGCasjPsuPb6mCtuoRgaNUS5NBSV0Z6v6nGHtjON1mWcZU1AtCs8fEnalV_WIQrXz0am6SPJI4l4RlGPQhaMsV1f4zABN2Vh8ScBJIFBAgEGAGSBQQIBRgEoAYCgAeB2fSYA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDELt30ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzA3Mzk4NTcyMzA4NzY5NRgA&sigh=QtL0ICfkDOI&uach_m=[UACH]&cid=CAQSSwDUE5ymNSPzznuJD1wQDiZVR7h43pk8_mxieh7BSxGu3dGk1NPISQwMEYjffodS3BtErfj8onIcmlIMsHAXqitOGCUyGZE5AtEEHRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=600&slotname=4969152155&adk=4189332658&adf=1502878857&pi=t.ma~as.4969152155&w=260&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=260x600&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211778&bpp=1&bdt=361&idt=624&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&fsb=1&xpc=PwEDiN2LNg&p=https%3A//live.hotnewsmm.xyz&dtd=628
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 14:23:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame D89F 0
54 B 119ms
118ms Ping
image/gif 2607:f8b0:4002:c09::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lfgx3449&c=3143030458980&slotId=1571515229490&ghmsh_eids=44748969%2C44750824%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&vast_v=4.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c09::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame D89F 42 B
175 B 110ms
36ms Fetch
image/gif 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame D89F 0
45 B 119ms
119ms Ping
image/gif 2607:f8b0:4002:c09::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lfgx34mw&c=3143030458980&slotId=1571515229490&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c09::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame D89F 42 B
174 B 49ms
36ms Fetch
image/gif 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2326 143 B
166 B 42ms
42ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=600&slotname=4969152155&adk=4189332658&adf=1502878857&pi=t.ma~as.4969152155&w=260&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=260x600&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211778&bpp=1&bdt=361&idt=624&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&fsb=1&xpc=PwEDiN2LNg&p=https%3A//live.hotnewsmm.xyz&dtd=628
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 13:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 15C2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52bf9c4e2d9b966a5085356b55004db40ed02213f7292516290290f2e22df4ef

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 4601 67 B
91 B 43ms
42ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:23:49 GMT
x-content-type-options: nosniff
server: cafe
age: 46784
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Tue, 21 Mar 2023 01:23:49 GMT

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.9/ 111 KB
31 KB 31ms
30ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230320-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 905eac6c91c9858bd0f20b56e9c842d4.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LHR50-P1
age: 1311505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 30995
x-served-by: cache-lon4239-LON
last-modified: Sun, 05 Mar 2023 10:04:45 GMT
server: AmazonS3
x-timer: S1679322213.358154,VS0,VE0
etag: "c04a240008c67910556582d1bf159ad7"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: UuaXl_Gja7NcvGvyE4w5svG1DZeu1bTe1pQDedjt8zQnQVYC2tOsdw==
x-cache-hits: 41844

GET
H2 200 feed-card-placeholder.20230320-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 34ms
33ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230320-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c33efaa4f69ab159c9ebaafa59ed6921113646d0e745c40b4eb2069113ffa3b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: SfWv_VJFA4YaepqFogPfgNwCG2IgwFaZ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 Mar 2023 14:23:33 GMT
x-amz-request-id: 3083AX81W3GH8XBK
age: 7988
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1261
x-amz-id-2: jSPBJfMn0ej+KK76/0spHnjRJ5YW1Bk7/E7iz8pdZCdGBRw2TOnuroZ4BH5Rcr4Mov7Szbhr44E=
x-served-by: cache-lon4239-LON
last-modified: Mon, 20 Mar 2023 12:10:26 GMT
server: AmazonS3
x-timer: S1679322213.358921,VS0,VE0
etag: "ccf0e0cf037297ac43ba7a07432248bd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7821

GET
H2 200 userx.20230320-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 31ms
30ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230320-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 130c0d87b30a22be4794319cba3126d6fb3981d4500494c4646669d8ef9fb1c7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: VCEliMk51iNWV8p7x_sojUlxFZFUKYbW
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 Mar 2023 14:23:33 GMT
x-amz-request-id: 2EV8P9724J3E9ADT
age: 7962
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: BcriUBac+D2E0c5eU8oms/p/OSmBBO8tA6SZWcknH52BHw8j+y6FYxcQL1Wn5DFBqStZqJ3c4+E=
x-served-by: cache-lon4239-LON
last-modified: Mon, 20 Mar 2023 12:10:52 GMT
server: AmazonS3
x-timer: S1679322213.369193,VS0,VE0
etag: "0ad0c5abd8df940bc312e4034c1dacc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1625

GET
H2 200 cta-component.20230320-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 31ms
30ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20230320-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a59a09d0828c191b5e9b3532bf82e8ee85a32cd258a44ed0c3366426ce5b18d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: FXtvk6._ljVaAVFkCny.eC6m1pUI1sVW
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 Mar 2023 14:23:33 GMT
x-amz-request-id: FCBCJE43SRWQA9ZZ
age: 7993
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4737
x-amz-id-2: gbseIoyicQ8MRAQHJfEJDeJfeBOrqg2CP/hzYz+XGSFk05ohZCCsnz+IY/HkGFwBmNtsuWzJBSd90TxhAb7ALQ==
x-served-by: cache-lon4239-LON
last-modified: Mon, 20 Mar 2023 12:10:20 GMT
server: AmazonS3
x-timer: S1679322213.373441,VS0,VE0
etag: "512b83ef96978ee05f67f87ca888efeb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7240

GET
H2 200 explore-more.20230320-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 25 KB
7 KB 30ms
30ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230320-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 854a296202cdd5d0b84e39db04abcdfa71561e9714199827417dd79857d3d244

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: U.RymQhCHGz22I1r7yv1pH89jAvDht0w
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 Mar 2023 14:23:33 GMT
x-amz-request-id: NB030ZAWWSQDA6CC
age: 7990
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7274
x-amz-id-2: 3cDv7dzt4I51lQ4x6D/sTtrM4vUPAIBDoaM/wXqcXbpeAMHN9/oFTmL/wjwhXC/IoAVuerkK06A=
x-served-by: cache-lon4239-LON
last-modified: Mon, 20 Mar 2023 12:10:24 GMT
server: AmazonS3
x-timer: S1679322213.378322,VS0,VE0
etag: "12622f42f52608885e0161ec5cce9c73"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3911

GET
H2 204 abtests
am-trc-events.taboola.com/xaluanau-hotnews/log/3/ 0
231 B 355ms
164ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/xaluanau-hotnews/log/3/abtests?route=AM:AM:V&lti=deflated&ri=669d3e2619cf5123c8b55e50cb4433c2&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&pi=/213581&wi=7741171228636352255&pt=text&vi=1679322212781&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1679322213351%7D&tim=14%3A23%3A33.351&id=873&llvl=2&cv=20230320-7-RELEASE&
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/xaluanau-hotnews/log/3/ 0
230 B 356ms
164ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/xaluanau-hotnews/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=669d3e2619cf5123c8b55e50cb4433c2&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&pi=/213581&wi=7741171228636352255&pt=text&vi=1679322212781&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A23%3A33.364&id=9805&llvl=2&cv=20230320-7-RELEASE&
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 30ms
30ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 Mar 2023 14:23:33 GMT
x-amz-request-id: Z9Y9D6Q2GJGDCZFA
age: 4
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: XoTSJGbHITPP0l87WUpKCcbnoHhmUX4d1cu23ywf+GH8tyUSOG+WpMSKar4hMnKxQnjglr8DRc8=
x-served-by: cache-lon4239-LON
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1679322213.404876,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 48
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 8

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17171710418869759677/ Frame 01BB 101 KB
20 KB 42ms
42ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17171710418869759677/index.html

Requested by

Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d1a7f9162a96349d53823a2c6b388fd906f57d3fcdb857d951fa3380bcd629

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 378760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20618
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 05:10:53 GMT
expires: Fri, 15 Mar 2024 05:10:53 GMT
last-modified: Wed, 01 Mar 2023 11:56:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 01DA 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cay6QZGwYZIX4F6eI1fAPhPWasALe-6_hbrD39Z-0EdvZHhABIJHPtSFgu4aAgNAKoAHo8_ecA8gBCakCovHNzpuBtD6oAwHIA0iqBNMBT9CRWKWvAn7pTDHOp6u7w_EW5EC4S6M3KEC-9uS2zttGOWbBwjsepg9j8Is-f0Au9NuWw1-wM5_2LNTtaMSkiWHzpiwH5BcqFic7hS5eqTPqc-89n7FklbjtcSq0KH8aRRbRyawqpCogKAxZxcBEgcxZ5dx2Ef92DqIBL39PYgZDGkKhi3YTeMoR-86fG4dKunnK8r4G3wgIzK2pQCPtuQ9t-cawroikIFBddY-yEFYGUkn5xGZprn6-qJlPRv9DbJOEhxB-BDmC6ww6S4x3Nhfd8sAE-fmR7_EDkgUECAQYAZIFBAgFGASgBi6AB4CMiGOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDY5wTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMDczOTg1NzIzMDg3Njk1GAA&sigh=kui0z3G7zvk&uach_m=[UACH]&cid=CAQSSwDUE5ym2Nd83t0eY33r1f-J_XMu41HV9KqthFr0rQl646-NLX6cA1sFuF89eR0fao-WRiheUh5QOFTECNRESKM9oSAR_kroSVsxXxgB&template_id=419

Requested by

Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 14:23:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 01DA 22 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 15:13:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 01DA 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:17:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 01DA 20 KB
8 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01DA 158 KB
48 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 14:23:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E2BD 8 KB
991 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 13:35:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 14:23:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame E2BD 2 KB
765 B 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame E2BD 22 KB
9 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 15:13:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame E2BD 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:17:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame E2BD 20 KB
8 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 13:25:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2BD 158 KB
48 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 14:23:33 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame E2BD 34 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 17:46:35 GMT

GET
H2 204 abtests
am-trc-events.taboola.com/xaluanau-hotnews/log/3/ 0
230 B 270ms
165ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/xaluanau-hotnews/log/3/abtests?route=AM:AM:V&lti=deflated&ri=669d3e2619cf5123c8b55e50cb4433c2&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&pi=/213581&wi=7741171228636352255&pt=text&vi=1679322212781&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1679322213469%7D&tim=14%3A23%3A33.469&id=3125&llvl=2&cv=20230320-7-RELEASE&
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 e69c97e5a8209b5abe57b61e8c26e345.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 36ms
34ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e69c97e5a8209b5abe57b61e8c26e345.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf20634fb43f6e33fbf4d022432e0d4e998de586210350ca8392fb65ad721fbb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e69c97e5a8209b5abe57b61e8c26e345.jpg
age: 6485177
edge-cache-tag: 454503930125281425911001040122849287227,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 454503930125281425911001040122849287227,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 284
req-referer: https://d-10930515174149550973.ampproject.net/
content-length: 22856
x-request-id: e484c36bf532f0b283337adbdfa66293
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000136-IAD, cache-iad-kjyo7100041-IAD, cache-chi-klot8100040-CHI, cache-iad-kcgs7200028-IAD, cache-lon4239-LON
last-modified: Mon, 19 Dec 2022 20:12:05 GMT
server: nginx
x-timer: S1679322213.497390,VS0,VE1
etag: "9ac3207f774c60c986482d48ae37c4c4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 7, 1

GET
H2 200 7962b3fa8d803041a4ff097565b0f03b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 29 KB
30 KB 33ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7962b3fa8d803041a4ff097565b0f03b.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2dae02c92b3348935a3b5aca7978095c8c39526c4e122640972f92a733268c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7962b3fa8d803041a4ff097565b0f03b.jpg
age: 6567961
edge-cache-tag: 458192708189807716415125209287388946431,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
cache-tag: 458192708189807716415125209287388946431,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 149
expiration: expiry-date="Fri, 06 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.14news.com/
content-length: 29652
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000153-IAD, cache-iad-kjyo7100092-IAD, cache-bur-kbur8200082-BUR, cache-iad-kjyo7100050-IAD, cache-lon4239-LON
last-modified: Tue, 06 Dec 2022 15:32:53 GMT
server: nginx
x-timer: S1679322213.497376,VS0,VE1
etag: "263871fd3611e62e3be4768d8343cc2e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 4406, 1

GET
H2 200 501655e58d5bbbae341f25e6e05c5e86.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 32ms
30ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/501655e58d5bbbae341f25e6e05c5e86.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ce9e81978c38abc877702c4bb005f64b3b717b4efd28214f7acf60417695e8f5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/501655e58d5bbbae341f25e6e05c5e86.jpg
age: 6040978
edge-cache-tag: 305687050823887572881452853492068789304,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
cache-tag: 305687050823887572881452853492068789304,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 110
req-referer: https://www.aajtak.in/
content-length: 5884
x-request-id: b79bace2d8c2254104fea2fdf3c7e9aa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100144-IAD, cache-iad-kiad7000069-IAD, cache-lga21934-LGA, cache-iad-kiad7000088-IAD, cache-lon4239-LON
last-modified: Wed, 21 Dec 2022 12:36:34 GMT
server: nginx
x-timer: S1679322213.496915,VS0,VE1
etag: "b03760cfebc7f82e456ad13e44a6a57a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 199, 1

GET
H2 200 ba59f4920f00135756565cf864e7ebe4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 77 KB
78 KB 42ms
41ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ba59f4920f00135756565cf864e7ebe4.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e6b611703c79eeb635949505378d729bb8cd235353a316cb4b4996aac480d1e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ba59f4920f00135756565cf864e7ebe4.jpg
age: 4551321
edge-cache-tag: 358126592246295131147877285969900101939,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 358126592246295131147877285969900101939,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 247
expiration: expiry-date="Sun, 05 Feb 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ancientpages.com/
content-length: 78616
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000151-IAD, cache-iad-kcgs7200118-IAD, cache-sna10734-LGB, cache-iad-kiad7000049-IAD, cache-lon4239-LON
last-modified: Thu, 05 Jan 2023 06:37:58 GMT
server: nginx
x-timer: S1679322213.497426,VS0,VE1
etag: "35e3a95245f4a05ea7aee83802a39b53"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 21, 1

GET
H2 200 db811be84d856096ebf1084a45c88fef.jpg
images.taboola.com/taboola/image/fetch/h_278,w_500,c_fill,g_xy_center,x_829,y_421/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
30 KB 40ms
38ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_278,w_500,c_fill,g_xy_center,x_829,y_421/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db811be84d856096ebf1084a45c88fef.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 110200a04ed45d35bea55ae6a418f6fcedee64bad512eee6a7008c338837b718

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_278,w_500,c_fill,g_xy_center,x_829,y_421/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db811be84d856096ebf1084a45c88fef.jpg
age: 2330767
edge-cache-tag: 628154142050994036997566988009985863929,508033333308982699869365386154430224392,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628154142050994036997566988009985863929,508033333308982699869365386154430224392,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 115
expiration: expiry-date="Thu, 09 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://thedirect.com/
content-length: 30466
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100070-IAD, cache-iad-kiad7000152-IAD, cache-lga21959-LGA, cache-iad-kiad7000095-IAD, cache-lon4239-LON
last-modified: Mon, 06 Feb 2023 17:05:08 GMT
server: nginx
x-timer: S1679322213.497410,VS0,VE1
etag: "a02e62f2aacf9e74cae273a5cb479835"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 95, 1

GET
H2 200 19781eec4686dd5e5d73ae693caf6e0b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 31ms
30ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/19781eec4686dd5e5d73ae693caf6e0b.png
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 48657bba943e3f611762ca1b78f788460f5e7030eeb268abda065a9cf56d7fb4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/19781eec4686dd5e5d73ae693caf6e0b.png
age: 2164155
edge-cache-tag: 624774012057414477573752638144834168612,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
cache-tag: 624774012057414477573752638144834168612,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 623
req-referer: https://www.chroniclelive.co.uk/
content-length: 10254
x-request-id: 3212cb563fc1dd6004c489cf050dfb4c
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000109-IAD, cache-iad-kjyo7100022-IAD, cache-sna10723-LGB, cache-iad-kjyo7100022-IAD, cache-lon4239-LON
last-modified: Thu, 23 Feb 2023 10:46:13 GMT
server: nginx
x-timer: S1679322214.530522,VS0,VE0
etag: "3f51058eae067c1d7ed2bb415400587a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 3

GET
H2 200 Noi-dung-doan-van-ban-cua-ban-1080-%C3%97-1080-px-2023-02-16T142937.804.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//go.hotnewsmm.xyz/wp-content/uploads/2023/02/ 50 KB
51 KB 31ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//go.hotnewsmm.xyz/wp-content/uploads/2023/02/Noi-dung-doan-van-ban-cua-ban-1080-%C3%97-1080-px-2023-02-16T142937.804.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 91776f13a61ee7a80a85f2eee13926ceddfad25c8311ddb5e6b9c618c1f179b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//go.hotnewsmm.xyz/wp-content/uploads/2023/02/Noi-dung-doan-van-ban-cua-ban-1080-%C3%97-1080-px-2023-02-16T142937.804.jpg
age: 2758277
edge-cache-tag: 553282873930049323720034794282431169234,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 553282873930049323720034794282431169234,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 331
req-referer: https://animalxx.hotnewsmm.xyz/the-spiny-flower-mantis-pseudocreobotra-wahlbergii?fbclid=IwAR0EFAhR7NjiFaKXIBIxSsueSEXA16nq1wOaWGb9bfBeSYEM-dk5ps4PuOI
content-length: 51146
x-request-id: 7d3f4c14b16ab673753f61cce7940a97
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000126-IAD, cache-iad-kiad7000087-IAD, cache-chi-kigq8000175-CHI, cache-iad-kcgs7200177-IAD, cache-lon4239-LON
last-modified: Thu, 16 Feb 2023 15:55:56 GMT
server: nginx
x-timer: S1679322214.531794,VS0,VE1
etag: "bc9594b7808070054e5fcc51e1a37f1f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 27, 1

GET
H2 200 PIC-69.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/ 44 KB
45 KB 44ms
44ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/PIC-69.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b30328045ecdecf844f2ad5804be1ba8926133379f2ef6320ba41e3b9e129a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 13
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/PIC-69.jpg
age: 1230632
edge-cache-tag: 537697521195584061013484234499706001969,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537697521195584061013484234499706001969,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 357
req-referer: https://go.hotnewsmm.xyz/
content-length: 45206
x-request-id: eafa81add77637eebf4b1588536b10f3
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200138-IAD, cache-iad-kiad7000165-IAD, cache-bur-kbur8200050-BUR, cache-iad-kjyo7100084-IAD, cache-lon4239-LON
last-modified: Mon, 06 Mar 2023 08:14:55 GMT
server: nginx
x-timer: S1679322214.534068,VS0,VE13
etag: "8037cdc9943eba7c46e5d08a772b4920"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 8, 1

GET
H2 200 mu5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//b.xemnhanh.info/wp-content/uploads/2022/12/ 48 KB
49 KB 32ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//b.xemnhanh.info/wp-content/uploads/2022/12/mu5.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2af82781c1a76344212e7efcfe39b88897905098de34e64ecd11bc5708d64e22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//b.xemnhanh.info/wp-content/uploads/2022/12/mu5.jpg
age: 3469308
edge-cache-tag: 493941527435717329281089213491608110979,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 493941527435717329281089213491608110979,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 1268
req-referer: https://live.hotnewsmm.xyz/
content-length: 49524
x-request-id: 6258491c77cc869d3729f6f3befcfe8c
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100179-IAD, cache-iad-kcgs7200077-IAD, cache-sna10723-LGB, cache-iad-kiad7000091-IAD, cache-lon4239-LON
last-modified: Mon, 06 Feb 2023 18:02:42 GMT
server: nginx
x-timer: S1679322214.538375,VS0,VE1
etag: "751964f02cd9b989eeacd6a4d894e651"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 23, 1

GET
H2 200 PIC-77.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/02/ 54 KB
55 KB 462ms
462ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/02/PIC-77.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 30e7a53377c8e0353c77f726f27d04aedda43968b79117806e05185fe7117d98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 431
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/02/PIC-77.jpg
age: 338858
edge-cache-tag: 549930618080399255059420898618849126896,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 549930618080399255059420898618849126896,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, MISS, MISS
x-envoy-upstream-service-time: 276
expiration: expiry-date="Sun, 19 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://live.hotnewsmm.xyz/
content-length: 55144
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200033-IAD, cache-iad-kiad7000123-IAD, cache-sna10735-LGB, cache-iad-kcgs7200050-IAD, cache-lon4239-LON
last-modified: Thu, 16 Feb 2023 08:31:50 GMT
server: nginx
x-timer: S1679322214.548268,VS0,VE431
etag: "a1e1304b13f8eabefb42f3c33d4f37c3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 0

GET
H2 200 cxzvcbxzc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/02/ 27 KB
28 KB 32ms
32ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/02/cxzvcbxzc.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 94251660d3e84ebb2701f0a4275065b8445ca67ed96895ec13251463c57622de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/02/cxzvcbxzc.jpg
age: 1394293
edge-cache-tag: 472569656895801010785235175658140632889,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 472569656895801010785235175658140632889,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 174
expiration: expiry-date="Sat, 25 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://live.hotnewsmm.xyz/
content-length: 27948
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100154-IAD, cache-iad-kjyo7100153-IAD, cache-lga21964-LGA, cache-iad-kcgs7200143-IAD, cache-lon4239-LON
last-modified: Wed, 22 Feb 2023 16:12:36 GMT
server: nginx
x-timer: S1679322214.561857,VS0,VE1
etag: "e37d0333808856d767bcab3d50b96504"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 5, 1

GET
H2 200 88-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/ 32 KB
33 KB 31ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/88-1.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 16d9bc8359f0a6b91cd24c2c3b409d1365e5f1a86a622756feea3200aabc0df1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/88-1.jpg
age: 511584
edge-cache-tag: 476923219548372398689457967558263064351,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag: 476923219548372398689457967558263064351,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1713
req-referer: https://live.hotnewsmm.xyz/
content-length: 32490
x-request-id: 230446913069a36d3665b1cc4d1324cf
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000130-IAD, cache-iad-kcgs7200175-IAD, cache-bur-kbur8200054-BUR, cache-iad-kjyo7100127-IAD, cache-lon4239-LON
last-modified: Mon, 13 Mar 2023 15:58:24 GMT
server: nginx
x-timer: S1679322214.568759,VS0,VE1
etag: "c327571a7a645aa49fadbd5e6bf002c0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 rice_32546532_78451274514.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2022/12/ 31 KB
31 KB 32ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2022/12/rice_32546532_78451274514.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dcc25392bc501616ab10758195f6d72976b1b7262ad713025c33489feefa9746

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2022/12/rice_32546532_78451274514.jpg
age: 6777099
edge-cache-tag: 553975942491930383776911374293764235033,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag: 553975942491930383776911374293764235033,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 184
req-referer: https://go.hotnewsmm.xyz/
content-length: 31478
x-request-id: 4a51188fbb47aeb2c6743f8eb6eb84ba
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200062-IAD, cache-iad-kcgs7200097-IAD, cache-chi-klot8100165-CHI, cache-iad-kcgs7200075-IAD, cache-lon4239-LON
last-modified: Sat, 31 Dec 2022 23:31:47 GMT
server: nginx
x-timer: S1679322214.577130,VS0,VE1
etag: "945b155e32d38aded3fffb75863cbc7e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 150, 1

GET
H2 200 116-3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/ 34 KB
35 KB 32ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/116-3.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e85b4be623658d2ed5a5adf2b8de0e6b5edfdc2d1c7c8972cd8f2d380dc4d293

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/116-3.jpg
age: 799361
edge-cache-tag: 620582286302165714303397822815768688548,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag: 620582286302165714303397822815768688548,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 428
req-referer: https://live.hotnewsmm.xyz/193954
content-length: 35128
x-request-id: 94b97a00bf5518c31221e9f8af9a91e6
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200043-IAD, cache-iad-kiad7000056-IAD, cache-bur-kbur8200165-BUR, cache-iad-kjyo7100110-IAD, cache-lon4239-LON
last-modified: Sat, 11 Mar 2023 08:14:31 GMT
server: nginx
x-timer: S1679322214.585742,VS0,VE1
etag: "7ef354c3527687c186dda44e79325bb8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 10, 1

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame ADFC 36 KB
14 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=808297724&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211773&bpp=1&bdt=356&idt=554&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=4I1Ww6SOuM&p=https%3A//live.hotnewsmm.xyz&dtd=556

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H2 200 e69c97e5a8209b5abe57b61e8c26e345.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 31ms
30ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e69c97e5a8209b5abe57b61e8c26e345.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ad07bbc35a558a764ec3bdf945f608867c7e18c751588227a49503993e34a66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e69c97e5a8209b5abe57b61e8c26e345.jpg
age: 1745323
edge-cache-tag: 454503930125281425911001040122849287227,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag: 454503930125281425911001040122849287227,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 451
expiration: expiry-date="Tue, 28 Feb 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.mopo.de/
content-length: 22718
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000135-IAD, cache-iad-kjyo7100172-IAD, cache-sna10746-LGB, cache-iad-kjyo7100138-IAD, cache-lon4239-LON
last-modified: Sat, 28 Jan 2023 17:39:49 GMT
server: nginx
x-timer: S1679322214.594798,VS0,VE1
etag: "b5493316da01c5488621125f21ca4f4b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8, 1

GET
H2 200 ba59f4920f00135756565cf864e7ebe4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 78 KB
78 KB 41ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ba59f4920f00135756565cf864e7ebe4.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e14df8959e1419a8217bf6ab3f42e147713989b0044fb17a6e1d83f1a048b4b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 11
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ba59f4920f00135756565cf864e7ebe4.jpg
age: 5376138
edge-cache-tag: 358126592246295131147877285969900101939,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag: 358126592246295131147877285969900101939,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 257
req-referer: https://omgifacts.com/
content-length: 79558
x-request-id: 6a2777f17cc14415a5b48c816ce1864c
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000040-IAD, cache-iad-kiad7000046-IAD, cache-sna10724-LGB, cache-iad-kcgs7200130-IAD, cache-lon4239-LON
last-modified: Tue, 03 Jan 2023 21:24:42 GMT
server: nginx
x-timer: S1679322214.602387,VS0,VE11
etag: "9a3529d842ebc5912bd9ed79d0c6e17f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 24, 1

GET
H2 200 44-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/ 17 KB
18 KB 31ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/44-1.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 949da193fa53945ed19468b8e7a6badd0358c846b3b22061cd0adb3addfed050

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/03/44-1.jpg
age: 1157630
edge-cache-tag: 556664425596575757287443514006029027187,320197154429204532661449260201797071578,29ecf9b93bbf306179626feeda1fab70
cache-tag: 556664425596575757287443514006029027187,320197154429204532661449260201797071578,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 364
req-referer: https://live.hotnewsmm.xyz/
content-length: 17318
x-request-id: 7759dda02511ab45c4a4d225df3b39d2
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000126-IAD, cache-iad-kiad7000087-IAD, cache-sna10740-LGB, cache-iad-kiad7000072-IAD, cache-lon4239-LON
last-modified: Tue, 07 Mar 2023 04:02:40 GMT
server: nginx
x-timer: S1679322214.609763,VS0,VE1
etag: "7d1512d7fd48d077420cbf4cadaa6738"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 27, 1

GET
H2 200 collage-2-110.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//sports.hotnewsmm.xyz/wp-content/uploads/2022/12/ 20 KB
21 KB 33ms
32ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//sports.hotnewsmm.xyz/wp-content/uploads/2022/12/collage-2-110.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f80289ca9b3bdc717c33985f741bb73410743768098d340a76ce50b1b12eeb00

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//sports.hotnewsmm.xyz/wp-content/uploads/2022/12/collage-2-110.jpg
age: 2395829
edge-cache-tag: 447679430482924177467787670403866251480,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 447679430482924177467787670403866251480,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 548
req-referer: https://live.hotnewsmm.xyz/
content-length: 20948
x-request-id: e5bfbb0d3e9c7391c0da3c7e9d1f1983
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000064-IAD, cache-iad-kjyo7100149-IAD, cache-lga21922-LGA, cache-iad-kjyo7100023-IAD, cache-lon4239-LON
last-modified: Wed, 15 Feb 2023 18:42:02 GMT
server: nginx
x-timer: S1679322214.620710,VS0,VE1
etag: "4ef5e7c7617c24a05c2cbe9f2931f50f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 19, 1

GET
H2 200 7962b3fa8d803041a4ff097565b0f03b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 31ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7962b3fa8d803041a4ff097565b0f03b.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c8ad4efe674d62221756125ac359800c85d1c776ab4da918cb1764c23a40141b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7962b3fa8d803041a4ff097565b0f03b.jpg
age: 2365483
edge-cache-tag: 458192708189807716415125209287388946431,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 458192708189807716415125209287388946431,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 301
expiration: expiry-date="Fri, 10 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.wpxi.com/
content-length: 22426
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kiad7000024-IAD, cache-bur-kbur8200160-BUR, cache-iad-kiad7000059-IAD, cache-lon4239-LON
last-modified: Tue, 07 Feb 2023 15:01:53 GMT
server: nginx
x-timer: S1679322214.626923,VS0,VE1
etag: "77d71633cd28af07207c4eafbfc19da3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 345, 1

GET
H2 200 501655e58d5bbbae341f25e6e05c5e86.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 31ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/501655e58d5bbbae341f25e6e05c5e86.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 47d6f4624399a18cb05f4b0597395717227c00c1fa90083f57650c9b98d8377a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/501655e58d5bbbae341f25e6e05c5e86.jpg
age: 6040357
edge-cache-tag: 305687050823887572881452853492068789304,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 305687050823887572881452853492068789304,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 518
req-referer: https://www.tips-and-tricks.co/
content-length: 5996
x-request-id: 0d861f60379b724f84246fff9a9598e4
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000138-IAD, cache-iad-kcgs7200175-IAD, cache-bur-kbur8200050-BUR, cache-iad-kjyo7100129-IAD, cache-lon4239-LON
last-modified: Wed, 21 Dec 2022 12:36:34 GMT
server: nginx
x-timer: S1679322214.641906,VS0,VE1
etag: "1db706be1ce00774612f0949d9f059f9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 117, 1

GET
H2 200 nagng.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//box.tinvn.online/wp-content/uploads/2023/03/ 60 KB
61 KB 32ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//box.tinvn.online/wp-content/uploads/2023/03/nagng.jpeg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 508cd8d8007b3855abf3ee2de95c5ed921e4284e29b12141f79fc513f511ea07

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//box.tinvn.online/wp-content/uploads/2023/03/nagng.jpeg
age: 216216
edge-cache-tag: 423386928871043390318738326569542869934,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag: 423386928871043390318738326569542869934,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 618
req-referer: https://live.hotnewsmm.xyz/
content-length: 61742
x-request-id: 2c8ef7b083dda41a44e9983f1e56ddce
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200028-IAD, cache-iad-kjyo7100130-IAD, cache-lga21944-LGA, cache-iad-kjyo7100040-IAD, cache-lon4239-LON
last-modified: Sat, 18 Mar 2023 01:21:54 GMT
server: nginx
x-timer: S1679322214.649212,VS0,VE1
etag: "d48c67d3269098a9e98fc7f7ecb8d96c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 24, 1

GET
H2 200 ro-39.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/02/ 56 KB
57 KB 31ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/02/ro-39.jpg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5d4cc06a54bc5558710f306550160b5e497fae5f56e71a6755a3c0567479c34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 20 Mar 2023 14:23:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//live.hotnewsmm.xyz/wp-content/uploads/2023/02/ro-39.jpg
age: 2275358
edge-cache-tag: 627709549716340571618291405353944468035,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag: 627709549716340571618291405353944468035,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 612
req-referer: https://live.hotnewsmm.xyz/
content-length: 57734
x-request-id: c8fc58691fefe85ac0fa9d133ed37717
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200056-IAD, cache-iad-kcgs7200145-IAD, cache-chi-kigq8000030-CHI, cache-iad-kjyo7100028-IAD, cache-lon4239-LON
last-modified: Wed, 22 Feb 2023 01:57:43 GMT
server: nginx
x-timer: S1679322214.653776,VS0,VE1
etag: "070615c4a9dbfe1e21a8c2f923acc757"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 11, 1

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2326
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

103ms
102ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:33 GMT
expires: Mon, 20 Mar 2023 14:23:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6114 36 KB
14 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E2BD 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2Vq_ZGwYZI7PDbDG1fAP1ZukoAPp48bGb9nSla2cEevF2a6gORABIJHPtSFgu4aAgNAKoAGnh7vDA8gBCakCovHNzpuBtD6oAwHIA8sEqgTQAU_QZY8GS9-73z38OQ5TIsRttftgtaK9hzOgv0wKRcV8vXA6u1c8fc-enpRKLb-A6Hb4HStLrq6fi5V6VV0jCiJodkCCZA8J1pJVK7zTucMClEmjD_IrT4vhbwgDbkjmKNGij3qXBECRv5kuZ9WQIOAXKuxRO_M4ZVt_vTO7At0mASH8BoUVL8mWhA8tEcX4_KnaQqzMzU6I1HV-Oa8OQ620T3hiTCs1qAu1OHq3pUCvwUKNvEeU4kCb_MfiXW8Odnye8uzSwknMpowD9LltlYTABN-7zNygBJIFBAgEGAGSBQQIBRgEoAYugAfB-MQ8qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQmscg0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMzA3Mzk4NTcyMzA4NzY5NRgA&sigh=An2Cz_-5xsM&uach_m=[UACH]&cid=CAQSGwDUE5ymSXpvvNgaW4s7zOKA7l0-UJftkRZ0ehgB&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 14:23:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 01BB 16 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17171710418869759677/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 21 Mar 2023 05:05:43 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 01BB 34 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17171710418869759677/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 21 Mar 2023 04:22:19 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12521236395472319523/ Frame E2BD 17 KB
17 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12521236395472319523/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

398b1c8c45f50d9a741e2541c2f74e28499ff435ca69029e73f48862c3544bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 16:32:55 GMT
x-content-type-options: nosniff
age: 78638
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17751
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 15:13:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Mar 2024 16:32:55 GMT

GET
DATA 200
OK truncated
/ Frame E2BD 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E2BD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 csi
csi.gstatic.com/ Frame D89F 0
17 B 121ms
120ms Ping
image/gif 2607:f8b0:4002:c09::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lfgx34oo&c=3143030458980&slotId=1571515229490&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c09::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 66EA 143 B
166 B 44ms
43ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 13:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 spa-detector.20230320-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 34ms
30ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230320-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92dc06b1bed5602ee1d937986874bcd419c4859aba4d47686ddc5f7102cdaafb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: V6KqYCMMbkySdcQpnkWtFDqdfNwkB8Tg
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 Mar 2023 14:23:33 GMT
x-amz-request-id: EECQ9AKVKXFNB9X7
age: 7974
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 809
x-amz-id-2: gNc72SCPrvyNFqKBZMT6qkaTwYZ4jIJJaqHELIVzF//+/1WluZL8TgLE7SETcTGyqH8q58hvR/I=
x-served-by: cache-lon4239-LON
last-modified: Mon, 20 Mar 2023 12:10:40 GMT
server: AmazonS3
x-timer: S1679322214.615702,VS0,VE0
etag: "da963b3cde6d3a5157c09dca2f6e38cb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3899

GET
H2 204 supply-feature
am-trc-events.taboola.com/xaluanau-hotnews/log/3/ 0
230 B 144ms
139ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/xaluanau-hotnews/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=669d3e2619cf5123c8b55e50cb4433c2&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&pi=/213581&wi=7741171228636352255&pt=text&vi=1679322212781&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A23%3A33.594&id=1663&llvl=2&cv=20230320-7-RELEASE&
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/xaluanau-hotnews/log/3/ 0
230 B 144ms
139ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/xaluanau-hotnews/log/3/abtests?route=AM:AM:V&lti=deflated&ri=669d3e2619cf5123c8b55e50cb4433c2&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&pi=/213581&wi=7741171228636352255&pt=text&vi=1679322212781&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1679322213595%7D&tim=14%3A23%3A33.595&id=7965&llvl=2&cv=20230320-7-RELEASE&
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/xaluanau-hotnews/log/3/ 0
230 B 144ms
140ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/xaluanau-hotnews/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=669d3e2619cf5123c8b55e50cb4433c2&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&pi=/213581&wi=7741171228636352255&pt=text&vi=1679322212781&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A23%3A33.596&id=7963&llvl=2&cv=20230320-7-RELEASE&
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/xaluanau-hotnews/log/3/ 0
230 B 144ms
140ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/xaluanau-hotnews/log/3/abtests?route=AM:AM:V&lti=deflated&ri=669d3e2619cf5123c8b55e50cb4433c2&sd=v2_e3ef93ae59f12b21cee80c04ec52200b_dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4_1679322212_1679322212_CNawjgYQyp5cGK3TnfvvMCABKAEwTTin8g1Aso0QSJik2ANQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&pi=/213581&wi=7741171228636352255&pt=text&vi=1679322212781&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1679322213600%7D&tim=14%3A23%3A33.600&id=805&llvl=2&cv=20230320-7-RELEASE&
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
DATA 200
OK truncated
/ Frame 01DA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fbb9d61562ebac45c6a43b34414482e05800aadfc1c1a7f4646058cca24ca75

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame D89F 42 B
174 B 36ms
36ms Fetch
image/gif 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame D89F 42 B
174 B 37ms
37ms Fetch
image/gif 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame E2BD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f38d73458b9a297fd670945c082ac37aea3f75d7b87be5cebb258adb85ddec6d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E2BD 0
20 B 85ms
85ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20230315&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 69C6 564 B
463 B 42ms
41ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&cmcv=&pix=undefined&cb=1679322213889&uv=3262&tms=1679322213889&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=f6b1af92-14ef-49b6-b592-7c8e73ec0ff0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a8565a0aa214e2ecf8ad9dba771e98012ce6303a370e05806269a1c220a0fd0b

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 20 Mar 2023 14:23:33 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lon4239-LON
x-timer: S1679322214.907831,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 14AC 719 B
804 B 150ms
143ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: fbf08c4d01639c653424ded1023e1d5f1f5010cdaa29d192d10090c9479715d4

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 20 Mar 2023 14:23:33 GMT
machineid: 3402
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 12 KB
6 KB 512ms
511ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1679322213896&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1507&pt=1238011684&tz=0&viewable=true&ddast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3244725&dpubid=577155&abtst=dfrc_vA!nonrv_vA!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Flive.hotnewsmm.xyz&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a43737b55603539f29a75a852bae5b4607a5c72e014baabb8ddb59d2ccb78fec

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 20 Mar 2023 14:23:34 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1466
x-cache: MISS
x-served-by: cache-lon4239-LON
pragma: no-cache
server: nginx
x-timer: S1679322214.912088,VS0,VE481
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://live.hotnewsmm.xyz
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 165ms
92ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&cmcv=&pix=31589837&cb=1679322213889&uv=3262&tms=1679322213889&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1679322210557.6!ts:1679322213889&mntl=1
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
content-length: 0
server: nginx

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E2BD 28 KB
28 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:05:31 GMT
x-content-type-options: nosniff
age: 422282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 17:05:31 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 66EA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=1862173523&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211774&bpp=1&bdt=357&idt=565&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&prev_fmts=0x0%2C820x280%2C820x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=2lCmE2ilsL&p=https%3A//live.hotnewsmm.xyz&dtd=569

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:33 GMT
expires: Mon, 20 Mar 2023 14:23:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 14:23:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame D89F 42 B
174 B 36ms
36ms Fetch
image/gif 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame D89F 42 B
174 B 37ms
37ms Fetch
image/gif 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 01BB 36 KB
14 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H2

200

/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 69C6
Redirect Chain

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us...
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0d3a588aef7a462f9ae57dbaa5d303bd&orig=video

0
99 B

123ms
103ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0d3a588aef7a462f9ae57dbaa5d303bd&orig=video
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&cmcv=&pix=undefined&cb=1679322213889&uv=3262&tms=1679322213889&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=f6b1af92-14ef-49b6-b592-7c8e73ec0ff0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 100435

Redirect headers

location: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0d3a588aef7a462f9ae57dbaa5d303bd&orig=video
date: Mon, 20 Mar 2023 14:23:34 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 69C6 70 B
265 B 163ms
54ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&cmcv=&pix=undefined&cb=1679322213889&uv=3262&tms=1679322213889&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=f6b1af92-14ef-49b6-b592-7c8e73ec0ff0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame 69C6 43 B
146 B 174ms
44ms Image
image/gif 18.185.209.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&cmcv=&pix=undefined&cb=1679322213889&uv=3262&tms=1679322213889&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=f6b1af92-14ef-49b6-b592-7c8e73ec0ff0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.209.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-209-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 08BA 36 KB
14 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3328342826&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211765&bpp=3&bdt=348&idt=400&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9UAp0hnqxg&p=https%3A//live.hotnewsmm.xyz&dtd=407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 14AC 70 B
264 B 56ms
54ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 14AC
Redirect Chain

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us...
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=9a88386a803946e1b24b88dffdbdcdbf&orig=video

0
99 B

124ms
103ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=9a88386a803946e1b24b88dffdbdcdbf&orig=video
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 100435

Redirect headers

location: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=9a88386a803946e1b24b88dffdbdcdbf&orig=video
date: Mon, 20 Mar 2023 14:23:34 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8497 281 B
554 B 165ms
52ms Document
text/html 23.2.211.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.211.147 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-211-147.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Mar 2023 14:23:34 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8497 33 KB
10 KB 55ms
55ms Script
text/html 23.2.211.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.211.147 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-211-147.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f884d832a91088ec8a5ad92f94d30bd7976e26192d7e5fe2a64e25335027cf65

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 14:23:34 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Mar 2023 17:07:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9835
Connection: keep-alive
Content-Length: 9997
Expires: Mon, 20 Mar 2023 17:07:29 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame D89F 42 B
174 B 37ms
37ms Fetch
image/gif 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:34 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H3 200 bridge3.563.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DD44 708 KB
225 KB 42ms
41ms Document
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7769d34413948b167e8357b1e8322ce3ba32e96571fad70d0eb3406998cb253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 17031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 230581
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 09:39:43 GMT
expires: Tue, 19 Mar 2024 09:39:43 GMT
last-modified: Wed, 15 Mar 2023 22:09:10 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 51ms
51ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=live.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 67ms
67ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=live.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 15C2 42 B
174 B 81ms
80ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvucG5oVoTOQZEFwbs8pgvt3KG7nwsjEUrSBkoCt-ZDUiFnxT6X_iqsTSA9jCppndPWLzftVqUO5fCSHtBp0AzifMzOutdiM9Xj3_2BUbrmitSmVCu_tAqGi-xrN5a18zjeDuSgZA&sai=AMfl-YT67iodufv5iWlGA03uoWEgdyb4-5Nrp5qbNOPIl_vsxu2FwuSzb3vhvXqrYAkFGgIF_Hc1I2sJeTU6yTZhfpO_y8WMgC3TkGqMHNb1L1f-l8ehC90lAYqZRs4OM-16q-Tki2LqtMpCwmih&sig=Cg0ArKJSzDHMsfQ5_9XlEAE&cid=CAQSSwDUE5ymNSPzznuJD1wQDiZVR7h43pk8_mxieh7BSxGu3dGk1NPISQwMEYjffodS3BtErfj8onIcmlIMsHAXqitOGCUyGZE5AtEEHRgB&id=lidar2&mcvt=1017&p=0,0,520,260&mtos=0,1017,1017,1017,1017&tos=0,1017,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=0.84&if=1&vu=1&app=0&itpl=4&adk=4189332658&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679322212407&rpt=881&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8497 284 B
536 B 441ms
85ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/32_6_2/infra/ 883 KB
146 KB 259ms
86ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_6_2/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2c7ec7c9178fcbadbb5b0c6a139821b2d0a4f04c4678e71f56dc99f1964a389b

Request headers

Referer: https://live.hotnewsmm.xyz/
Origin: https://live.hotnewsmm.xyz
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-mtime: 1679134053
date: Mon, 20 Mar 2023 14:23:34 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 6TY76C5NPRW1VRHQ
age: 188024
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1679134054
x-amz-meta-mode: 33188
content-length: 148658
x-amz-id-2: twZ/5sNmAcjwEF7D5nUOY7GmUory1Nt3W+b9o3bzQUeOzr8ElLMSSazAKEga/393r0AEvy3mrMY=
x-served-by: cache-lcy-eglc8600050-LCY
last-modified: Sat, 18 Mar 2023 10:07:35 GMT
server: AmazonS3-br
x-timer: S1679322215.605785,VS0,VE0
etag: "40ee97ac27857aa40d49a9c17b1e65c4"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 133851

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_6_2/assets/css/ 59 KB
8 KB 30ms
30ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_6_2/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4e902c64b724e110bbb3a8840f46d79f8569949376c73edf7955dbf388159cc5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-mtime: 1679134070
date: Mon, 20 Mar 2023 14:23:34 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: X056ETW5S45NCZJ5
age: 188022
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1679134070
x-amz-meta-mode: 33188
content-length: 7742
x-amz-id-2: eJ3nuKOdwcJ5n8H1RBYjLJ+Zuwie/MhYfBD4M6Orc7UeN0aN9Vm6B2CU11IgIwSjvz+Weu80B9o=
x-served-by: cache-lon4239-LON
last-modified: Sat, 18 Mar 2023 10:07:52 GMT
server: AmazonS3-br
x-timer: S1679322214.432389,VS0,VE0
etag: "910667a2fde737fb00f85f576307d7c1"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 62509

POST
H2 204 bulk Show response
trc.taboola.com/xaluanau-hotnews/log/3/ 0
333 B 90ms
90ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/xaluanau-hotnews/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=10
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230320-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:34 GMT
via: 1.1 varnish
x-served-by: cache-lon4239-LON
server: nginx
x-timer: S1679322215.562566,VS0,VE11
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://live.hotnewsmm.xyz
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DD44 69 KB
16 KB 484ms
484ms XHR
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-3073985723087695&description_url=http%3A%2F%2Fwww.xaluan.com&channel=9573310252&videoad_start_delay=0&hl=en&max_ad_duration=33000&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.563.0&video_product_type=0&min_ad_duration=0&sz=0x0&adsafe=high&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=445&ptt=20&adk=3287571302&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&eid=44748969%2C44750824%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&dt=1679322214541&cookie=ID%3D2809406a65851201-22ee5eaa5edd0034%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ&gpic=UID%3D00000bc97885d817%3AT%3D1679322212%3ART%3D1679322212%3AS%3DALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A&correlator=639458050254049&ad_block=1&ged=ve4_td4_tt3_pd4_la4000_er1639.640.1640.641_vi0.0.1200.1600_vp0_ts2_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daff39d44409c9edf74398508cda065c4af3be5183a9bdae8aa4b8c4b44a0aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16238
x-xss-protection: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
713 B 39ms
38ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 20 Mar 2023 14:23:34 GMT
via: 1.1 varnish
x-amz-request-id: K27Y7PJWK76QW13K
age: 7241
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ZkWJ1U7w2AJEcaaA+YMYiRenbHM+XJJyhxy8UdW1X8t7mLQlzHZvIlAt+psysIPMRGFy+DBlplE=
x-served-by: cache-lon4239-LON
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1679322215.593112,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1174

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E2BD 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5SzDrakuDTL_4ugsa06KRQKOczewYLhJFTyMfeAzynS313emuJgOgvRR-P-R2Zad3F_tP5VfOSGB4RcxLSZubeYuVlbO9gT8d4ATrlUnDio4uinj8OO7-jvAs8Vr2pBxrfJD-rw&sai=AMfl-YSMyeMyorfUL2-TMMLJ2h52qhVnAoSKtZ92XxBEhINF9ThpGEZ8-fX3O29ZNyJI28jKC6vZ56_HF1tT&sig=Cg0ArKJSzLJ-5EBi71fbEAE&cid=CAQSGwDUE5ymSXpvvNgaW4s7zOKA7l0-UJftkRZ0ehgB&id=lidar2&mcvt=1000&p=0,0,280,820&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3263145482&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679322212173&rpt=1788&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 31ms
30ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_6_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:35 GMT
via: 1.1 3390f75f0478e466058132c3d8207a8e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LHR3-C1
age: 1459919
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lon4239-LON
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1679322215.102630,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Y0AvJkx3zSmIoK8FyB7p1_1BYsErCfv_-puFPYNAMLO4or7Px_LVYA==
x-cache-hits: 13958

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.0.7/ 441 KB
84 KB 31ms
30ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.0.7/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_6_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 07ec4e6a98caaba912fb93b8d0546b8a91c4a1c456afc59bbbfa45653b7a82b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-mtime: 1678701661
date: Mon, 20 Mar 2023 14:23:35 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: DJQXXZQ3XAXW7GYK
age: 620502
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1678701673
x-amz-meta-mode: 33188
content-length: 85610
x-amz-id-2: sedBOB5XJOB08yYbA9i+sszN2IbQ6YIQxNW0TE3YN/Ll/WhCE2MuXxT+30UnuK3GYLATh+4efdc=
x-served-by: cache-lon4239-LON
last-modified: Mon, 13 Mar 2023 10:01:14 GMT
server: AmazonS3-br
x-timer: S1679322215.116835,VS0,VE0
etag: "bcdf92ea8c7a7b406133c12f21506018"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 245275

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 637F 719 B
804 B 85ms
85ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_6_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: df20e1aa84574d7f16e5a6340e0362e131f3e88749b58f7ee714b2b1b19c69db

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 20 Mar 2023 14:23:35 GMT
machineid: 3402
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 82ms
82ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&cmcv=&pix=31579697&cb=1679322215105&uv=3262&tms=1679322215105&su=3&abt=dfrc_vA!nonrv_vA!t45!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:35 GMT
content-length: 0
server: nginx

POST
H3 204 csi
csi.gstatic.com/ Frame DD44 0
17 B 120ms
119ms Ping
image/gif 2607:f8b0:4002:c09::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lfgx35nn&c=3143030458980&slotId=1571515229490&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c09::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 31ms
30ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://live.hotnewsmm.xyz/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 20 Mar 2023 14:23:35 GMT
via: 1.1 9e62047214e4bace813d04a6aad42396.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LHR62-C2
age: 3897710
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lon4239-LON
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1679322215.164364,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: RZGUev7jAuWz1hskWIPBNszm82zgCImzsRaAOGk_smfOMIxA69HdBQ==
x-cache-hits: 455353

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 111 KB
32 KB 76ms
76ms Script
application/javascript 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:35 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:21:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdf69b-1bc07"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 20 Mar 2023 15:23:35 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 112ms
112ms Stylesheet
text/css 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:35 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
DATA 200
OK truncated
/ 212 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d34083a65ff0e36a3d645ece2161f69414caf9f8aed2d21e288e7607c5ddd6dc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 csi
csi.gstatic.com/ Frame DD44 0
17 B 119ms
119ms Ping
image/gif 2607:f8b0:4002:c09::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lfgx365h&c=3143030458980&slotId=1571515229490&qqid=CPK7weDa6v0CFcHF7Qod7G0FgA&gqid=ZmwYZOPhIv2emLAPrt-pmAw&fb=ima_html5-lima&sdkv=h.3.563.0&mrd=4&aab=1&itv=1&ghmsh_eids=44748969%2C44750824%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&met.4=ghmsh_s.lfgx365j~ghmsh_s.lfgx365k&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=Gmaw_nOzjslB9axn
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c09::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
18 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://live.hotnewsmm.xyz
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:17:54 GMT
x-content-type-options: nosniff
age: 288341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 06:17:54 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 45ms
45ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://live.hotnewsmm.xyz
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:24:52 GMT
x-content-type-options: nosniff
age: 277123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 09:24:52 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
551 B 37ms
37ms Image
image/svg+xml 190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:35 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
120 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0afdfec0cc81ad101710150812834831dd21e1d766c380af5114509ff56b7eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123281
x-xss-protection: 0
expires: Mon, 20 Mar 2023 14:23:35 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/data/JEQXU6MQ2q7FNgL/1226/video/1934/ 72 KB
0 128ms
39ms Media
video/mp4 185.180.223.225
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/data/JEQXU6MQ2q7FNgL/1226/video/1934/480_650.mp4
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.225 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-225.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://live.hotnewsmm.xyz/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 20 Mar 2023 14:23:35 GMT
Last-Modified: Thu, 02 Sep 2021 16:30:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fc0b-3de803f"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-64913470/64913471
Connection: keep-alive
Content-Length: 64913471

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 30ms
30ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230320-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 Mar 2023 14:23:35 GMT
x-amz-request-id: QT0YX14SJ48QM86R
age: 3462
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: 4pr601BPfJ15bafe0WW7tXahS8TbOuqLvdGdCybKO/ubvGpQZBs8WgOlIj6w7iYjVkqQXVjvGFc=
x-served-by: cache-lon4239-LON
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1679322215.382468,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 48
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 4406

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
507 B 474ms
209ms XHR
application/xml 44.194.148.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Flive.hotnewsmm.xyz&i_type=out&stream=out&playback=2&cb=R0.1679322215396&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.0.7/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.148.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-148-77.compute-1.amazonaws.com

Software

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding, User-Agent
content-type: application/xml
access-control-allow-origin: https://live.hotnewsmm.xyz
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
506 B 485ms
222ms XHR
application/xml 44.194.148.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=f95473e1-db9b-47f3-a234-19c11cd2680d&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Flive.hotnewsmm.xyz&i_type=out&stream=out&playback=2&cb=R0.1679322215399&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.0.7/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.148.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-148-77.compute-1.amazonaws.com

Software

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding, User-Agent
content-type: application/xml
access-control-allow-origin: https://live.hotnewsmm.xyz
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
507 B 487ms
225ms XHR
application/xml 44.194.148.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=451778c9-7900-4542-916a-95dd2097ac72&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Flive.hotnewsmm.xyz&i_type=out&stream=out&playback=2&cb=R0.1679322215399&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.0.7/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.148.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-148-77.compute-1.amazonaws.com

Software

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding, User-Agent
content-type: application/xml
access-control-allow-origin: https://live.hotnewsmm.xyz
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 637F
Redirect Chain

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us...
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0d3a588aef7a462f9ae57dbaa5d303bd&orig=video

0
98 B

104ms
104ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0d3a588aef7a462f9ae57dbaa5d303bd&orig=video
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:23:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 95953

Redirect headers

location: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0d3a588aef7a462f9ae57dbaa5d303bd&orig=video
date: Mon, 20 Mar 2023 14:23:35 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 637F 70 B
264 B 54ms
53ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 20 Mar 2023 14:23:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A927 281 B
554 B 36ms
36ms Document
text/html 23.2.211.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.211.147 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-211-147.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Mar 2023 14:23:35 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
pips.taboola.com/ 4 B
125 B 82ms
76ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600050-LCY
date: Mon, 20 Mar 2023 14:23:35 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://live.hotnewsmm.xyz
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 bridge3.563.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 086D 708 KB
225 KB 42ms
41ms Document
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7769d34413948b167e8357b1e8322ce3ba32e96571fad70d0eb3406998cb253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 17032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 230581
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 09:39:43 GMT
expires: Tue, 19 Mar 2024 09:39:43 GMT
last-modified: Wed, 15 Mar 2023 22:09:10 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A927 33 KB
10 KB 45ms
44ms Script
text/html 23.2.211.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.211.147 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-211-147.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f884d832a91088ec8a5ad92f94d30bd7976e26192d7e5fe2a64e25335027cf65

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 14:23:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Mar 2023 17:07:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9834
Connection: keep-alive
Content-Length: 9997
Expires: Mon, 20 Mar 2023 17:07:29 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 549ms
145ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=dd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://live.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 14:23:35 GMT
cache-control: no-store
server: nginx

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A927 284 B
536 B 94ms
94ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H3 204 csi
csi.gstatic.com/ Frame DD44 0
17 B 120ms
120ms Ping
image/gif 2607:f8b0:4002:c09::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lfgx3665&c=3143030458980&slotId=1571515229490&qqid=CPK7weDa6v0CFcHF7Qod7G0FgA&gqid=ZmwYZOPhIv2emLAPrt-pmAw&fb=ima_html5-lima&sdkv=h.3.563.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.lfgx3667
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c09::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 14:23:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/data/JEQXU6MQ2q7FNgL/1226/video/1934/ 544 KB
544 KB 116ms
39ms Media
video/mp4 185.180.223.225
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/data/JEQXU6MQ2q7FNgL/1226/video/1934/480_650.mp4
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.225 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-225.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 45ee0b739f1e2b9f26c17943e0f5c64aeca8793daadf4fd17a07c9db0ad15861

Request headers

Referer: https://live.hotnewsmm.xyz/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=64356352-

Response headers

Date: Mon, 20 Mar 2023 14:23:35 GMT
Last-Modified: Thu, 02 Sep 2021 16:30:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fc0b-3de803f"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 64356352-64913470/64913471
Connection: keep-alive
Content-Length: 557119

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/data/JEQXU6MQ2q7FNgL/1226/video/1934/ 44 KB
0 42ms
42ms Media
video/mp4 185.180.223.225
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/data/JEQXU6MQ2q7FNgL/1226/video/1934/480_650.mp4
Requested by: Host: live.hotnewsmm.xyz
URL: https://live.hotnewsmm.xyz/213581?fbclid=IwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.225 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-225.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://live.hotnewsmm.xyz/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=65536-

Response headers

Date: Mon, 20 Mar 2023 14:23:36 GMT
Last-Modified: Thu, 02 Sep 2021 16:30:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fc0b-3de803f"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 65536-64913470/64913471
Connection: keep-alive
Content-Length: 64847935

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
997 B 64ms
64ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1679322216617&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1507&pt=-792469858&tz=0&viewable=true&ddast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3244725&dpubid=577155&abtst=dfrc_vA!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Flive.hotnewsmm.xyz&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 95db6a553c9aba07fa53c5f34209d933af031d29b21aab659a2e112ce2483143

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 20 Mar 2023 14:23:36 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1491
x-cache: MISS
x-served-by: cache-lon4239-LON
pragma: no-cache
server: nginx
x-timer: S1679322217.632206,VS0,VE33
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://live.hotnewsmm.xyz
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
123 B 206ms
206ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_6_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://live.hotnewsmm.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://live.hotnewsmm.xyz
date: Mon, 20 Mar 2023 14:23:40 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST VideoBidRequestHandlerServlet
am-wf.taboola.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: am-wf.taboola.com
URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1679322221392&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1507&pt=-792469858&tz=0&viewable=true&ddast=V7uckCFgN0a3WM_2wm1QR0a3WM_2wm1QUAAAAGBvQHJGabOBY252StGK1sbtFyYltLXMvJWrcxrnyblccwsxmGQGK2iWNhc07WitHK5hYtJ7a1xLWcrHUb48q3WXkMM5thCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bQtB0Onyue73YaXvZhX7T3eX7vN124fP6lyw2q-FiDgAAAAAP_____xAAAAAAEQAAAAASAAAAABQBFf8WAhcAAAAAGP____8aAOIcB-jweO0u5z8AAAAAQAAAAABIABCcB0sAYgRrT_7_________YwboM29k_v___28MegAefAAehAAAAC6G9tnLAJb330SICnCLGAEAAABkKxKrHU3qhMqi6v__v98K4AoAIMDw_yyNP0t3UOItDAAAIGBsgR4Wv9_ssGv8bpf9_________5v9n_2jCTn1xKX11gk_qv0CAgCs_QICALCpGwDAmwBc0BG0YjBYXUDMDgAAAODu____Xw-kPCubc7NwuZYzx2RiWWxcLuNgYxitPK7JZDCYeO98jyaqI6D8tS9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BmKxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIgyZnIPJZrhaqwabjVs0HBnXytVq4RZ5JgvbaOVyLBejtej1MV0ci5ljZdqiYIDIXiRPi3Qimy1HnpVltlhubK7FZLMxTlyrlWuwsZhGm83GMhFLNCeLdCK77Fuelc25Wbhcy5ljMrEsNi6XcbAxjFYe12QyGEz8JZNzMNkMV2vVYLNxi4Yj41q5Wi3cIs9kYRutXI7lYrQWvT6mi2Mxc6xM-8Zst9xMJpPFZN-Y7ZabyWSymOw7dIbv6nM2mofXxsfljOo22-3NYVC4DBbvVGrajTvHgvM3LDpVpteyoDP6_X6_3-_3-_1-v0HrOZgNCt82esv2rkFz6To2F8QGgyKWCC7SifBhdj3sDtdb6DfdXb7PRSxRmi7SiV6y2KyGi4lYIjhdpBPRy3i6qP_4IIvdXLEZzhXL2VwxmK0SAAAAAAAAAMAS5sybAAAAAJwGtdstVqt1HsxkNNpNVssFuHhQ0v3pXlzfRYeE211zU7lhxnL4L278GAIfZtfD7nC9hX7T3eX7XBngwkGfefNnglir1bIGAAAQwAYAAAjg1s17ADlciv____-PAwAAkJGjBwAAoN8HqlIJP3Kl2OMnyN1kOQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3244725&dpubid=577155&abtst=dfrc_vA!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Flive.hotnewsmm.xyz&en=1&subu=3

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ad.vidverto.io/	1970-01-20 20:04:42	Name: moxuuid Value: 37ffaf42-50a5-426b-924a-5d4a4f9eb015
ad.vidverto.io/	1970-01-20 10:30:08	Name: _mwayss_zone_imp[8725][count] Value: 0
ad.vidverto.io/	1970-01-20 10:30:08	Name: _mwayss_zone_imp[8725][frequencyPeriodEnd] Value: 1679408611
.hotnewsmm.xyz/	1970-01-20 20:04:42	Name: _ga_V8FD1SYQLQ Value: GS1.1.1679322211.1.0.1679322211.0.0.0
.hotnewsmm.xyz/	1970-01-20 20:04:42	Name: _ga Value: GA1.2.1578177201.1679322212
.hotnewsmm.xyz/	1970-01-20 10:30:08	Name: _gid Value: GA1.2.1091341078.1679322212
.hotnewsmm.xyz/	1970-01-20 10:28:42	Name: _gat_gtag_UA_203682812_1 Value: 1
.hotnewsmm.xyz/	1970-01-20 10:28:42	Name: _gat_gtag_UA_203682812_5 Value: 1
.hotnewsmm.xyz/	1970-01-20 10:28:42	Name: _gat_gtag_UA_93483023_9 Value: 1
.hotnewsmm.xyz/	1970-01-20 19:50:18	Name: __gads Value: ID=2809406a65851201-22ee5eaa5edd0034:T=1679322212:RT=1679322212:S=ALNI_MaaXV7gyz5LbaEc46spiLwLQvn9aQ
.hotnewsmm.xyz/	1970-01-20 19:50:18	Name: __gpi Value: UID=00000bc97885d817:T=1679322212:RT=1679322212:S=ALNI_MZRRz02Be0AhCo1_BWme-D2xIrL0A
.scorecardresearch.com/	1970-01-20 20:04:42	Name: UID Value: 1657ba00115a0a198abe8441679322212
.doubleclick.net/	1970-01-20 10:28:45	Name: DSID Value: NO_DATA
live.hotnewsmm.xyz/	1970-01-20 19:14:18	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Ddd902385-503c-48d8-955a-d32a64ee1914-tuctb11f1e4
.doubleclick.net/	1970-01-20 19:50:18	Name: IDE Value: AHWqTUn7VDwInbP03gHwRA2oOhakWveU8hE1wLqKt4K3sQFNtZZYJWUBwGIkTG8JCxw
.tremorhub.com/	1970-01-20 20:04:42	Name: tv_UISTB Value: <taboolaUserId>
.tremorhub.com/	1970-01-20 10:35:54	Name: tvssa Value: 1679322214241
.tremorhub.com/	1970-01-20 19:14:39	Name: tvid Value: 0d3a588aef7a462f9ae57dbaa5d303bd

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&h=280&slotname=4969152155&adk=3263145482&adf=3673390029&pi=t.ma~as.4969152155&w=820&fwrn=4&fwrnh=100&lmt=1679322212&rafmt=1&format=820x280&url=https%3A%2F%2Flive.hotnewsmm.xyz%2F213581%3Ffbclid%3DIwAR1lV4Y5N0_L1yz_0LgFk85H9KzxVCY_ydzEVmvZb2hp_0aRvO5fZPDWhjs%23utm_campaign%3Dmidesport%26utm_source%3Dn2304%26utm_medium%3DMU-TN&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679322211769&bpp=1&bdt=352&idt=504&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=1&correlator=3143030458980&frm=20&pv=1&ga_vid=1578177201.1679322212&ga_sid=1679322212&ga_hid=1842950848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072663%2C31072665%2C42531705%2C31072952%2C31072953%2C31073103%2C31073104%2C31073128%2C31073262&oid=2&pvsid=858913829541652&tmod=1245768270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mvOQLe1PIS&p=https%3A//live.hotnewsmm.xyz&dtd=507 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.vidverto.io
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
cat.fr.eu.criteo.com
cdn.images.express.co.uk
cdn.taboola.com
cdn.unibotscdn.com
cdn.vidverto.io
cdnjs.cloudflare.com
cds.taboola.com
csi.gstatic.com
csm.eu.criteo.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
images.taboola.com
images2.thanhnien.vn
imasdk.googleapis.com
imprammp.taboola.com
ioms.bfmio.com
live.hotnewsmm.xyz
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pix.eu.criteo.net
pubads.g.doubleclick.net
region1.google-analytics.com
rtb.nl3.eu.criteo.com
s0.2mdn.net
sb.scorecardresearch.com
secure.gravatar.com
static.criteo.net
sync-t1.taboola.com
taboola-supply-partners.tremorhub.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
znews-photo.zingcdn.me
am-wf.taboola.com
103.39.92.67
103.90.222.26
13.32.99.21
141.226.224.32
141.226.228.48
151.101.129.44
151.101.65.44
169.150.247.37
178.250.0.160
18.185.209.202
185.180.223.225
190.2.153.150
2001:4860:4802:34::36
2001:4860:4802:36::178
23.2.211.147
2600:1f18:612b:4200:ce75:68a1:ce5b:da41
2600:9000:2490:600:1d:b722:f80:93a1
2606:4700::6811:180e
2606:4700:e4::ac40:aa26
2607:f8b0:4002:c09::78
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:803::2003
2a00:1450:4001:803::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a02:2638::21
2a02:2638::b
2a02:2638::c
2a04:fa87:fffe::c000:4902
3.33.220.150
44.194.148.77
69.173.144.138
01def5089442d635c894f137b8303b065e073f6f9d062ad3d5cb7607526d3666
01ebf90fc9d6690595bffcbd4bb1df69043d026a8a0e1660dfa784921b63869d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04a436758e8992373a49eb612d5b5f54a6fe9e6b1aedab24b510411630fa99b8
07ec4e6a98caaba912fb93b8d0546b8a91c4a1c456afc59bbbfa45653b7a82b9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a59a09d0828c191b5e9b3532bf82e8ee85a32cd258a44ed0c3366426ce5b18d
0afdfec0cc81ad101710150812834831dd21e1d766c380af5114509ff56b7eb1
110200a04ed45d35bea55ae6a418f6fcedee64bad512eee6a7008c338837b718
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
130c0d87b30a22be4794319cba3126d6fb3981d4500494c4646669d8ef9fb1c7
16d9bc8359f0a6b91cd24c2c3b409d1365e5f1a86a622756feea3200aabc0df1
17b61fc9d02b3bc06af65d0af208ae3a6cd190b31fd914122c8a209ad3c5ab3f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18a037a68910e62b5dbe331182e2c6b88b3d0ca8cf8074b1a93a7460cae479f1
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c0664a6ed925e9b0fc6891d739594e645ce446270b376844cfdca802ad6aca9
1c1c2c0acbf37a407288dd7fc9961d1922ef3e6526b936211fac48a64681d9aa
1e14df8959e1419a8217bf6ab3f42e147713989b0044fb17a6e1d83f1a048b4b
205758cecf2805a935a8e97b23d97c8c2cc4e75aba61486c1805e3f8b1998ce5
22bf44cc06799d79558157036279433076f4f4c1dae02fa3daf94906fc550ac2
235649053d29728a3890ad95f58b77b333a49b7ab8ee6a5cedbecf4955f9f9af
24e9c0a2c28d7d47264d174392bc87da4477b613e48d05828b578373cb267708
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2ad07bbc35a558a764ec3bdf945f608867c7e18c751588227a49503993e34a66
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2af82781c1a76344212e7efcfe39b88897905098de34e64ecd11bc5708d64e22
2b30328045ecdecf844f2ad5804be1ba8926133379f2ef6320ba41e3b9e129a9
2c7ec7c9178fcbadbb5b0c6a139821b2d0a4f04c4678e71f56dc99f1964a389b
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
30e7a53377c8e0353c77f726f27d04aedda43968b79117806e05185fe7117d98
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326095055f1bf218098d0b15d5f2fd61eba1e0392ae3ef16ee62dede80c31ab2
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
357d56a2dfe1bb58ce926eac893cc2c06e4ea9d83065bac4939e644b5d2dd2cc
398b1c8c45f50d9a741e2541c2f74e28499ff435ca69029e73f48862c3544bb1
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39bdfe633a2ee53d37200d717e79e15d7dc1014cd8fd6add8faeb8a240dad516
39e02ec52b7cd0b075979ede40415dc0e6bd3261dd8b0dde2bab139d4e8222ae
3b990f0c6934b5f7dd71e2b708f8835e8476d994449fc45bfe8c12c3ac80e3d9
3bc0f977321db7b15e8aed56295feb8dc950978d31670e06937cce5fc5208187
3c471c0e628b3d4e812dd18a9b380ac8c79899dbf3b164e50e681095bda209fe
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb8f63bc90af0d8d6754cf3c0a7d6ddced9fc7734caeaf3faee8944d1124d44
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4559580e9c218381ef9e14d17c63c4aefe396b2d304538375418c101d1ff95ab
45e51aa0f856a074f6c4165df263cde72d31e0ba167b7a0f74bbfa00f2dab3f5
45ee0b739f1e2b9f26c17943e0f5c64aeca8793daadf4fd17a07c9db0ad15861
47d6f4624399a18cb05f4b0597395717227c00c1fa90083f57650c9b98d8377a
48657bba943e3f611762ca1b78f788460f5e7030eeb268abda065a9cf56d7fb4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e902c64b724e110bbb3a8840f46d79f8569949376c73edf7955dbf388159cc5
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4efa6855a0003e0d9d350ac6b87b6ea8809fe18d4469caf5c5fa68d59f2d9593
5044282488bb118b2f5a2b1d9c49b022e187390846387de4f5b6f71bb651017d
508cd8d8007b3855abf3ee2de95c5ed921e4284e29b12141f79fc513f511ea07
52bf9c4e2d9b966a5085356b55004db40ed02213f7292516290290f2e22df4ef
5380162498ca0d298a0d0b4a791542d972f0d0d616f8255126a8e73dab1332e7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
58d1a7f9162a96349d53823a2c6b388fd906f57d3fcdb857d951fa3380bcd629
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ae2b18203325ac2876b69455e08e3eefa59a4dca46ee55b033f1fbd80b28b5b
5d446fcf37af83e12e12e348cac38d3c910a1269e29ad27da66afcd79eb51ffa
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5faa5febd660adcf719fc8dc56871d868e4a084c176abd34683dd2e14c3ef7cf
5fbb9d61562ebac45c6a43b34414482e05800aadfc1c1a7f4646058cca24ca75
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
63340719217a1d488dd40cf84fd77f54dc9887ef48b5111214499a45e348671a
6335371655876fd9d72874902a9be510c002b9b9b7aaf424702603a9b404663e
69e610e63fe0e471f194e35ce48e403148432684e75d4c7e83264fd12e917b97
69e9bf8cabef87d7a120c9089bcc39139a0c79071355daae37e4a2ff223e4f66
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f810de46471d174c95cb4b8f8ed92a897e46e421c3b08b95a053257e5ab04db
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
849e42e2182fd13ce149850f53374cb6c0dd7ee4a87e033a23b3047128164aa4
854a296202cdd5d0b84e39db04abcdfa71561e9714199827417dd79857d3d244
85d3987a45a0fdca18652344761e0dce4f3616d51f7788ad3447c18a8eea5291
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e6b611703c79eeb635949505378d729bb8cd235353a316cb4b4996aac480d1e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91776f13a61ee7a80a85f2eee13926ceddfad25c8311ddb5e6b9c618c1f179b2
9242977ce2032fc467c6b4a6eafdf140805193c44be7e51b7aeb10c7e4f5e927
92dc06b1bed5602ee1d937986874bcd419c4859aba4d47686ddc5f7102cdaafb
94251660d3e84ebb2701f0a4275065b8445ca67ed96895ec13251463c57622de
949da193fa53945ed19468b8e7a6badd0358c846b3b22061cd0adb3addfed050
95db6a553c9aba07fa53c5f34209d933af031d29b21aab659a2e112ce2483143
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a43737b55603539f29a75a852bae5b4607a5c72e014baabb8ddb59d2ccb78fec
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7fe9347c265a8ef227a2c0e3e0e6e62e75f14784355f556fa9ddb864c5753f6
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8565a0aa214e2ecf8ad9dba771e98012ce6303a370e05806269a1c220a0fd0b
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
acc6e767760a4a7b2cce7aabd83ea4773ce42aef68b8d357258011b15bab8f4e
ae5aa53ef20713196ea8df5240200659b2d589fb1b01604d8166d9d6f9032211
b21d3c84a56e96a787129c9b016a36df3ee65aadec3d5c693c5e88eb808e76de
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b81e011e0e5932a62615b2b8140ffbba3c90c0200b4b89f4a7a5792aad991c20
b9e8722e8c411c31be6e69ba0c29d37521b9582eec6ab752c83a4a6660b7c577
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be31352c0d78585ebf18c903b26311efc0b63b9266d9149474067aff86fe49d2
bf20634fb43f6e33fbf4d022432e0d4e998de586210350ca8392fb65ad721fbb
c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441
c22d828ce4cfcc353fd19fb159a27befcdfc329df2de208e8b4c1d487a1a554d
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c33efaa4f69ab159c9ebaafa59ed6921113646d0e745c40b4eb2069113ffa3b5
c4a0ef38673b76bc063e2948a08e6c6f296e35497d582de8414d90fb7e97db29
c8ad4efe674d62221756125ac359800c85d1c776ab4da918cb1764c23a40141b
c9c5d16c69195dcdee08bb0968f08d1437a32f3d42209a3e3c28c252cc6f63e2
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb1c332e100d3945ca1e53f853210247730b1b305cfca79d69dc6882cdcfbb3b
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce9e81978c38abc877702c4bb005f64b3b717b4efd28214f7acf60417695e8f5
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d251488c9ca5e6de113e970778045f5337aabccde3fd3220036c9f613b7a5fee
d34083a65ff0e36a3d645ece2161f69414caf9f8aed2d21e288e7607c5ddd6dc
d41f7c34fe91a733b1f7afff4b479b66c5bd119ee46bdb1dbcdef806d7ca3ebe
d5d449964b98c3b2bb88a3531d59db3f9644c7ab1a1175349f50e6c8fbd9397d
d5d4cc06a54bc5558710f306550160b5e497fae5f56e71a6755a3c0567479c34
d7769d34413948b167e8357b1e8322ce3ba32e96571fad70d0eb3406998cb253
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8e8b70424cd0f3f1f5a9285e3b0d2a0d5546f371544550969facf69b81a0d90
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
daff39d44409c9edf74398508cda065c4af3be5183a9bdae8aa4b8c4b44a0aef
dcc25392bc501616ab10758195f6d72976b1b7262ad713025c33489feefa9746
df20e1aa84574d7f16e5a6340e0362e131f3e88749b58f7ee714b2b1b19c69db
dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1c150a784ff7261cc614a33314ba4f5c98f82d968fc719a954b85c26a98eda6
e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c0414c684bfa4486c8b0b0cd11410cebc03d78bc913a06382203cc80719541
e85b4be623658d2ed5a5adf2b8de0e6b5edfdc2d1c7c8972cd8f2d380dc4d293
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dae02c92b3348935a3b5aca7978095c8c39526c4e122640972f92a733268c8
f38d73458b9a297fd670945c082ac37aea3f75d7b87be5cebb258adb85ddec6d
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f80289ca9b3bdc717c33985f741bb73410743768098d340a76ce50b1b12eeb00
f884d832a91088ec8a5ad92f94d30bd7976e26192d7e5fe2a64e25335027cf65
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbf08c4d01639c653424ded1023e1d5f1f5010cdaa29d192d10090c9479715d4
fdfa58611e601da60b2897ad25cd381b93f18b9414d85913cf051fe176e8401f
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

live.hotnewsmm.xyz Open in urlscan Pro 2606:4700:e4::ac40:aa26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

274 Requests

98 %HTTPS

64 %IPv6

28 Domains

55 Subdomains

43 IPs

6 Countries

6624 kBTransfer

14575 kBSize

18 Cookies

23 Outgoing links

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

live.hotnewsmm.xyz Open in urlscan Pro
2606:4700:e4::ac40:aa26 Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

98 %
HTTPS

64 %
IPv6

28
Domains

55
Subdomains

43
IPs

6
Countries

6624 kB
Transfer

14575 kB
Size

18
Cookies

274 HTTP transactions
11 data transactions