www.matichonweekly.com Open in urlscan Pro
2606:4700:20::ac43:4b8a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.matichonweekly.com/hot-news/article_563338?fbclid=IwAR3o9CbHkSog1-_U97WLgPspQz5PUgtIYx4SXKIpoGeWS9Horg61nmUYHbY
Effective URL:
https://www.matichonweekly.com/hot-news/article_563338
Submission: On July 31 via manual (July 31st 2022, 1:30:20 am UTC) from DE — Scanned from DE

Summary HTTP 381 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 96 IPs in 16 countries across 55 domains to perform 381 HTTP transactions. The main IP is 2606:4700:20::ac43:4b8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.matichonweekly.com. The Cisco Umbrella rank of the primary domain is 536546.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time www.matichonweekly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	2606:4700:20:... 2606:4700:20::ac43:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:a800:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:9600:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:4e7b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.66.63 65.9.66.63	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
4	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
6	104.111.225.233 104.111.225.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	203.150.243.253 203.150.243.253	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
1	27.254.32.27 27.254.32.27	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
1	143.204.215.50 143.204.215.50	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
15	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.1.145 99.86.1.145	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:b800:1a:f2c5:bfc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:a000:15:a80b:45c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
4	13.209.232.2 13.209.232.2	16509 (AMAZON-02) (AMAZON-02)
1 3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
23	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
11	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
36	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2600:9000:206... 2600:9000:206f:4800:13:dd95:c600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
8	193.108.153.10 193.108.153.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	43.134.100.94 43.134.100.94	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	3.34.229.18 3.34.229.18	16509 (AMAZON-02) (AMAZON-02)
2	52.19.54.25 52.19.54.25	16509 (AMAZON-02) (AMAZON-02)
1 2	211.249.220.158 211.249.220.158	9457 (DREAMX-AS...) (DREAMX-AS DREAMLINE CO.)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	52.78.181.17 52.78.181.17	16509 (AMAZON-02) (AMAZON-02)
1	183.110.238.136 183.110.238.136	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
1	103.243.202.190 103.243.202.190	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
1	119.63.197.150 119.63.197.150	38627 (BAIDUJP B...) (BAIDUJP Baidu)
7	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	87.240.190.78 87.240.190.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	217.20.155.208 217.20.155.208	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2600:9000:214... 2600:9000:214f:8c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	18.138.171.139 18.138.171.139	16509 (AMAZON-02) (AMAZON-02)
1 1	139.162.117.143 139.162.117.143	63949 (LINODE-AP...) (LINODE-AP Linode)
1	34.111.114.222 34.111.114.222	15169 (GOOGLE) (GOOGLE)
2	23.106.249.95 23.106.249.95	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4014:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4014:80b::2003	15169 (GOOGLE) (GOOGLE)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
2	3.37.25.164 3.37.25.164	16509 (AMAZON-02) (AMAZON-02)
1	34.199.182.125 34.199.182.125	14618 (AMAZON-AES) (AMAZON-AES)
12	119.63.198.180 119.63.198.180	38627 (BAIDUJP B...) (BAIDUJP Baidu)
9	2600:9000:211... 2600:9000:211e:3800:11:9be7:da80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.197.136 119.63.197.136	38627 (BAIDUJP B...) (BAIDUJP Baidu)
4	18.138.163.233 18.138.163.233	16509 (AMAZON-02) (AMAZON-02)
2	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.251.149.69 54.251.149.69	16509 (AMAZON-02) (AMAZON-02)
7	54.251.102.136 54.251.102.136	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400e:1b::a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:62::8	15169 (GOOGLE) (GOOGLE)
1	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::8a	15169 (GOOGLE) (GOOGLE)
1	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	52.172.204.196 52.172.204.196	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
381	96

33 2606:4700:20::ac43:4b8a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.matichonweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:9600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4e7b (United States)

ASN13335 (CLOUDFLARENET, US)

code.th.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ivx-cdn.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-63.fra56.r.cloudfront.net

cdn.qgr.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.225.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-225-233.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.150.243.253 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 253.243.150.203.sta.inet.co.th

lvs2.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.254.32.27 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)

stat.matichon.co.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-50.fra53.r.cloudfront.net

cdn.qgraph.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.1.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-145.fra6.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:b800:1a:f2c5:bfc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

hdrbd.ivstracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a000:15:a80b:45c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

ivxplayer.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.209.232.2 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-209-232-2.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.96.200.41 (West Mifflin, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:206f:4800:13:dd95:c600:93a1 (United States)

ASN16509 (AMAZON-02, US)

3001653-matichon-weekly.cf.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 193.108.153.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-10.deploy.static.akamaitechnologies.com

p-events.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.134.100.94 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

data.th.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.34.229.18 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-34-229-18.ap-northeast-2.compute.amazonaws.com

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.54.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-54-25.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 211.249.220.158 (Korea, Republic Of) 1 redirects

ASN9457 (DREAMX-AS DREAMLINE CO., KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
act.ds.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.78.181.17 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-181-17.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

idsync.admixer.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.243.202.190 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)

cm-exchange.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.150 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

th.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.155.208 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip208.155.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:8c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.138.171.139 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-171-139.ap-southeast-1.compute.amazonaws.com

api.quantumgraph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.117.143 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1601-143.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.114.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 222.114.111.34.bc.googleusercontent.com

jscdn.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.106.249.95 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

a.th.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.yengo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80b::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.37.25.164 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-37-25-164.ap-northeast-2.compute.amazonaws.com

sp-api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.182.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-182-125.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 119.63.198.180 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

imageaws.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:211e:3800:11:9be7:da80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2cli4kgl5uxre.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.138.163.233 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-163-233.ap-southeast-1.compute.amazonaws.com

aiqua-sdk.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.251.149.69 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-149-69.ap-southeast-1.compute.amazonaws.com

a.ivstracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.251.102.136 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-102-136.ap-southeast-1.compute.amazonaws.com

r.ivstracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4001:808::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:1b::a (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

rr5---sn-5hnednss.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:62::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr3---sn-4g5e6nsk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::8a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

s.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.172.204.196 (Pune, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nhwimp.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159 ade.googlesyndication.com — Cisco Umbrella Rank: 288	363 KB
47	criteo.net static.criteo.net — Cisco Umbrella Rank: 615 pix.eu.criteo.net — Cisco Umbrella Rank: 7179 csm.eu.criteo.net — Cisco Umbrella Rank: 7348	689 KB
33	matichonweekly.com 1 redirects www.matichonweekly.com — Cisco Umbrella Rank: 536546	607 KB
28	popin.cc api.popin.cc — Cisco Umbrella Rank: 19880 th.popin.cc — Cisco Umbrella Rank: 84511 log.popin.cc — Cisco Umbrella Rank: 20630 imageaws.popin.cc — Cisco Umbrella Rank: 40014 r.popin.cc — Cisco Umbrella Rank: 21838 inrecsys.popin.cc — Cisco Umbrella Rank: 23837	490 KB
26	ivideosmart.com player.ivideosmart.com — Cisco Umbrella Rank: 41978 ivxplayer.ivideosmart.com — Cisco Umbrella Rank: 47673 3001653-matichon-weekly.cf.ivideosmart.com p-events.ivideosmart.com — Cisco Umbrella Rank: 46023 ivx-cdn.ivideosmart.com — Cisco Umbrella Rank: 440739	671 KB
25	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 stats.g.doubleclick.net — Cisco Umbrella Rank: 117 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 pubads.g.doubleclick.net — Cisco Umbrella Rank: 477 ad.doubleclick.net — Cisco Umbrella Rank: 202	209 KB
17	adform.net track.adform.net — Cisco Umbrella Rank: 3758 s1.adform.net — Cisco Umbrella Rank: 8623	239 KB
15	dable.io static.dable.io — Cisco Umbrella Rank: 17633 api.dable.io — Cisco Umbrella Rank: 16677 r-log.dable.io — Cisco Umbrella Rank: 18448 adx.dable.io — Cisco Umbrella Rank: 16099 images.dable.io — Cisco Umbrella Rank: 18644 sp-api.dable.io — Cisco Umbrella Rank: 35781	68 KB
12	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13433 ads.eu.criteo.com — Cisco Umbrella Rank: 7319 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11035 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9410	200 KB
11	google.com adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
10	cloudfront.net d2wy8f7a9ursnm.cloudfront.net d2cli4kgl5uxre.cloudfront.net	9 MB
9	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 570 static.adsafeprotected.com — Cisco Umbrella Rank: 559 dt.adsafeprotected.com — Cisco Umbrella Rank: 499	96 KB
9	ivstracker.net hdrbd.ivstracker.net — Cisco Umbrella Rank: 49211 a.ivstracker.net — Cisco Umbrella Rank: 41751 r.ivstracker.net — Cisco Umbrella Rank: 50154	106 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	284 KB
6	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 2368 jscdn.appier.net — Cisco Umbrella Rank: 44068 aiqua-sdk.c.appier.net — Cisco Umbrella Rank: 101453	21 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	33 KB
5	gstatic.com fonts.gstatic.com csi.gstatic.com	21 KB
5	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 434 ajax.googleapis.com — Cisco Umbrella Rank: 303 fonts.googleapis.com — Cisco Umbrella Rank: 72	365 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8252 www.google.de — Cisco Umbrella Rank: 5701	2 KB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 101 graph.facebook.com — Cisco Umbrella Rank: 134	966 B
4	giraff.io code.th.giraff.io — Cisco Umbrella Rank: 55281 data.th.giraff.io — Cisco Umbrella Rank: 53142 a.th.giraff.io — Cisco Umbrella Rank: 54943	36 KB
4	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 14359 nhwimp.izooto.com — Cisco Umbrella Rank: 22927	55 KB
3	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 508 search.spotxchange.com — Cisco Umbrella Rank: 419	2 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 424	80 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841	20 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 668 syndication.twitter.com — Cisco Umbrella Rank: 871	133 KB
3	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 43225 get.optad360.io — Cisco Umbrella Rank: 25380	211 KB
2	googlevideo.com 1 redirects rr5---sn-5hnednss.googlevideo.com — Cisco Umbrella Rank: 56556 rr3---sn-4g5e6nsk.googlevideo.com — Cisco Umbrella Rank: 98607	1 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 505 image8.pubmatic.com — Cisco Umbrella Rank: 587	163 B
2	yahoo.com c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 905	199 B
2	quantumgraph.com 1 redirects api.quantumgraph.com — Cisco Umbrella Rank: 43294	650 B
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 1010	34 B
2	truehits.in.th lvs2.truehits.in.th — Cisco Umbrella Rank: 83151	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	87 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	120 KB
1	youtube.com s.youtube.com — Cisco Umbrella Rank: 697
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 553	642 B
1	smartadserver.com prg8.smartadserver.com — Cisco Umbrella Rank: 20833	564 B
1	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 3914	559 B
1	yengo.com code.yengo.com — Cisco Umbrella Rank: 79431	341 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3831	208 B
1	ok.ru connect.ok.ru — Cisco Umbrella Rank: 23117	2 KB
1	vk.com vk.com — Cisco Umbrella Rank: 5436	567 B
1	toast.com cm-exchange.toast.com — Cisco Umbrella Rank: 4576	607 B
1	admixer.co.kr idsync.admixer.co.kr — Cisco Umbrella Rank: 2740	884 B
1	kakao.com act.ds.kakao.com — Cisco Umbrella Rank: 18553	492 B
1	daum.net 1 redirects analytics.ad.daum.net — Cisco Umbrella Rank: 16997	569 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	17 KB
1	aralego.com sync.aralego.com — Cisco Umbrella Rank: 1734	413 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	421 B
1	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 4734	1 KB
1	qgraph.io cdn.qgraph.io — Cisco Umbrella Rank: 53185	107 KB
1	matichon.co.th stat.matichon.co.th — Cisco Umbrella Rank: 137967	222 B
1	qgr.ph cdn.qgr.ph — Cisco Umbrella Rank: 100785	991 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1311	5 KB
381	55

	Domain	Requested by
36	static.criteo.net	ads.eu.criteo.com
33	www.matichonweekly.com	1 redirects www.matichonweekly.com static.cloudflareinsights.com
23	tpc.googlesyndication.com	3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com www.matichonweekly.com imasdk.googleapis.com pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	www.matichonweekly.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
12	imageaws.popin.cc	www.matichonweekly.com
11	track.adform.net	www.matichonweekly.com s1.adform.net 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
11	securepubads.g.doubleclick.net	www.googletagservices.com get.optad360.io securepubads.g.doubleclick.net www.matichonweekly.com
10	3001653-matichon-weekly.cf.ivideosmart.com	cdn.jsdelivr.net
9	d2cli4kgl5uxre.cloudfront.net	www.matichonweekly.com
8	p-events.ivideosmart.com	player.ivideosmart.com
8	www.google.com	www.matichonweekly.com 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.matichonweekly.com
7	r.ivstracker.net	player.ivideosmart.com
7	log.popin.cc	www.matichonweekly.com
7	csm.eu.criteo.net	ads.eu.criteo.com
7	3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	www.googletagservices.com	www.matichonweekly.com 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
6	cdnjs.cloudflare.com	ads.eu.criteo.com player.ivideosmart.com
6	s1.adform.net	track.adform.net s1.adform.net 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
6	player.ivideosmart.com	www.matichonweekly.com player.ivideosmart.com client
5	dt.adsafeprotected.com	www.matichonweekly.com
5	static.dable.io	www.matichonweekly.com api.dable.io
4	ade.googlesyndication.com
4	aiqua-sdk.c.appier.net	cdn.qgraph.io
4	pix.eu.criteo.net	ads.eu.criteo.com
4	cat.nl.eu.criteo.com	ads.eu.criteo.com
4	ads.eu.criteo.com	3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
4	api.dable.io	static.dable.io
4	api.popin.cc	www.matichonweekly.com api.popin.cc
3	csi.gstatic.com	imasdk.googleapis.com
3	pubads.g.doubleclick.net	imasdk.googleapis.com www.matichonweekly.com
3	r.popin.cc	www.matichonweekly.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
3	www.facebook.com	1 redirects www.matichonweekly.com connect.facebook.net
3	cdn.jsdelivr.net	player.ivideosmart.com get.optad360.io
3	imasdk.googleapis.com	player.ivideosmart.com imasdk.googleapis.com www.matichonweekly.com
3	cdn.izooto.com	www.matichonweekly.com cdn.izooto.com
2	c2shb.pubgw.yahoo.com	hdrbd.ivstracker.net
2	sp-api.dable.io	www.matichonweekly.com
2	fonts.gstatic.com	fonts.googleapis.com
2	api.quantumgraph.com	1 redirects www.matichonweekly.com
2	static.adsafeprotected.com	pixel.adsafeprotected.com www.matichonweekly.com
2	pixel.adsafeprotected.com	static.dable.io www.matichonweekly.com
2	r-log.dable.io	static.dable.io www.matichonweekly.com
2	rtb.nl.eu.criteo.com	www.matichonweekly.com
2	rtb.fr.eu.criteo.com	www.matichonweekly.com
2	sessions.bugsnag.com	d2wy8f7a9ursnm.cloudfront.net
2	sync.search.spotxchange.com	1 redirects www.matichonweekly.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	lvs2.truehits.in.th	www.matichonweekly.com
2	platform.twitter.com	www.matichonweekly.com platform.twitter.com
2	connect.facebook.net	www.matichonweekly.com connect.facebook.net
2	www.googletagmanager.com	www.matichonweekly.com www.googletagmanager.com
2	code.th.giraff.io	www.matichonweekly.com
2	get.optad360.io	www.matichonweekly.com get.optad360.io
1	nhwimp.izooto.com	cdn.izooto.com
1	image8.pubmatic.com
1	s.youtube.com
1	ad.doubleclick.net
1	rr3---sn-4g5e6nsk.googlevideo.com	www.matichonweekly.com
1	rr5---sn-5hnednss.googlevideo.com	1 redirects
1	ivx-cdn.ivideosmart.com	www.matichonweekly.com
1	a.ivstracker.net	imasdk.googleapis.com
1	htlb.casalemedia.com	hdrbd.ivstracker.net
1	prg8.smartadserver.com	hdrbd.ivstracker.net
1	hbopenbid.pubmatic.com	hdrbd.ivstracker.net
1	search.spotxchange.com	hdrbd.ivstracker.net
1	inrecsys.popin.cc	www.matichonweekly.com
1	in.treasuredata.com	api.popin.cc
1	code.yengo.com	www.matichonweekly.com
1	s.uuidksinc.net	1 redirects
1	images.dable.io	static.dable.io
1	fonts.googleapis.com	api.dable.io
1	ajax.googleapis.com	api.dable.io
1	a.th.giraff.io	code.th.giraff.io
1	jscdn.appier.net	cdn.qgraph.io
1	gocm.c.appier.net	1 redirects
1	connect.ok.ru	code.th.giraff.io
1	vk.com	code.th.giraff.io
1	graph.facebook.com	code.th.giraff.io
1	th.popin.cc	api.popin.cc
1	cm-exchange.toast.com	www.matichonweekly.com
1	idsync.admixer.co.kr	www.matichonweekly.com
1	adx.dable.io	www.matichonweekly.com
1	cm.g.doubleclick.net	1 redirects
1	act.ds.kakao.com	www.matichonweekly.com
1	analytics.ad.daum.net	1 redirects
1	data.th.giraff.io	code.th.giraff.io
1	s0.2mdn.net	imasdk.googleapis.com
1	syndication.twitter.com	platform.twitter.com
1	www.google.de	www.matichonweekly.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	sync.aralego.com	cdn.aralego.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ivxplayer.ivideosmart.com	player.ivideosmart.com
1	cdn.aralego.net	player.ivideosmart.com
1	hdrbd.ivstracker.net	player.ivideosmart.com
1	d2wy8f7a9ursnm.cloudfront.net	player.ivideosmart.com
1	cdn.qgraph.io	cdn.qgr.ph
1	stat.matichon.co.th	www.matichonweekly.com
1	cdn.qgr.ph	www.matichonweekly.com
1	static.cloudflareinsights.com	www.matichonweekly.com
1	cmp.optad360.io	www.matichonweekly.com
381	105

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.technologychaoban.com
www.silpa-mag.com
www.sentangsedtee.com
plus.google.com
lineit.line.me
ivideosmart.com
asiansmelody.com
tadamaew.com
udipedia-one.ru
trk7.perfectinstall.net
truehits.net
www.matichon.co.th

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
player-objects.ivideosmart.com R3	`2022-06-13` - `2022-09-11`	3 months	crt.sh
aiqua.appier.com Amazon	`2022-04-08` - `2023-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-09` - `2022-08-07`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2021-10-22` - `2022-10-22`	a year	crt.sh
static.dable.io R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh
lvs2.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.matichon.co.th Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-02-17`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.ivstracker.net Amazon	`2021-11-26` - `2022-12-24`	a year	crt.sh
*.ivideosmart.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-29` - `2023-03-29`	a year	crt.sh
*.dable.io Amazon	`2022-06-26` - `2023-07-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-22` - `2022-10-19`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh
*.cf.ivideosmart.com Amazon	`2021-12-27` - `2023-01-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
data.th.giraff.io R3	`2022-07-16` - `2022-10-14`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.admixer.co.kr GeoTrust RSA CA 2018	`2022-04-29` - `2023-05-01`	a year	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2022-06-30` - `2023-07-31`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2022-02-28` - `2023-03-31`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
jscdn.appier.net R3	`2022-06-27` - `2022-09-25`	3 months	crt.sh
a.th.giraff.io R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-18`	a year	crt.sh
*.treasuredata.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.api.qgraph.io Amazon	`2022-03-25` - `2023-04-23`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.izooto.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://www.matichonweekly.com/hot-news/article_563338
Frame ID: 367FF45FACC7AC5B5F28F618C9878FB4
Requests: 199 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 5F4ECD708930DB0EBB52DE4659E2325F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html
Frame ID: F8DC61ACBCABFCFA42DDF8DC0FC8AC25
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: C602EBE50A5BF9F83D53BA38346663CF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354716955228626&output=html&adk=1812271804&adf=3025194257&lmt=1659231005&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659231004871&bpp=2&bdt=1608&idt=180&shv=r20220727&mjsv=m202207250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7266885146716&frm=20&pv=2&ga_vid=894751020.1659231005&ga_sid=1659231005&ga_hid=1021787086&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C44761793%2C31068638%2C42531605&oid=2&pvsid=2341100944955711&tmod=618209250&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=200
Frame ID: 57D0BC9715F56389419F2BA7869E5EFD
Requests: 1 HTTP requests in this frame

Frame: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A2198887ED7B6116B3ADFB13449B1CE
Requests: 1 HTTP requests in this frame

Frame: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C605D4E0D6796D1B7F3034FAB4108C25
Requests: 10 HTTP requests in this frame

Frame: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E645445AA019F06A463917747CC76C91
Requests: 9 HTTP requests in this frame

Frame: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 116DC58D96AF2EA6ECC47E0F39314846
Requests: 9 HTTP requests in this frame

Frame: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E34366BBBE0E7CD248FB1126FF92530E
Requests: 1 HTTP requests in this frame

Frame: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 28A073024EEFA6A9BEBD7B2D14738FC1
Requests: 1 HTTP requests in this frame

Frame: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4AC6CE23DAA9008ECBD3FE2ED9EFDCBE
Requests: 10 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwww.matichonweekly.com
Frame ID: 32964E304A7642228BCF2D83751E84A5
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D930911267030013%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31b725af330dc%2526domain%253Dwww.matichonweekly.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.matichonweekly.com%25252Ff116c096251ee9c%2526relation%253Dparent.parent%26container_width%3D322%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmatichonweekly%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width
Frame ID: F987039CFD4346986EC66E628E1EE7FF
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmagK4GiBAA8IVVmjKq38eUfwl5oosA&u=%7Cicvy%2BNkreb2AP0WwMNQXgDhK3YF5yqPRqRxI9YPFp%2Fg%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4I0A_64YSM0HeTEAVbYfjkwagOn2ee-KscXR3GuaZC9wE0vl9rtksJ8Dc7yiDzy99ixeyYz3KATJ3fJRHDyal0fFijPZDKnfJhwKjLzQJkmo_pbCEzs68oL4yx8t4NLJbI4zF4cocvpuK9AXoqhiG82LD3SN8-wjrvuYaood7rUzwOJ0CKw9epq4E-bSpd18q9GfB5LRaFDAxmlHc7SPtN6ZDLWXbXWJPoxADu1ScPWmeMr9OeSaYNF-FNcz4A8WKha1mWxXcFsEySqCvr9_QNG4PRV7xBCFkcGwFk7VE513VHbmsdNAMe3QV7WY1ji31I2-470PNQVw2yw_iGXOzEPNKzKaXIGLchvbNxCuyIAOrxCt9BXNL3B42_AUdMDVedY4nBUeXDCtbFuMKdZfxVB-DTegSuCAzn2v55vM9Bcsc44yE0U9eLX7oXCQ5uOKvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDiG_HdvlYqizDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBI0CT9CSWxFu-M5IZUcWtvF8QrX-agbkdnlTdN2HEfmvugsMm8QM9fzgFq83-oJpVdpDNAFPLtDqz2WcQBJGmchHLZNsQ1UjH9z0rZhmV99jhtUmWLwZAm1LTJQlREsBuaNJtfr_yXmRe1meLtnm0H1FsNTxNBwmVy7b5e9d58ksRwIU760KH4QPhZGf9NwZLA-Po6lpdfFfGRBdB7UW3YFggH-oWPubgqCOI14sX1Pk7ee19ywJ81a0qw4ti0WgGfnTRlIBtiRIG1mBfDgpYoY7aGLHFRcASBPT4mk9XqLyHJDRg4zmTFeGt7k762Zja2Fijq0LkvbnCrcEdS2vfhWPb8BlfzO8Ax39ahbIFWzgBAGABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FscV1Zaf3AeDaD1ZYYvLTxs0g0w%26client%3Dca-pub-1354716955228626%26adurl%3D
Frame ID: D357C1AACBC225EFC505A81BF23CA2F2
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmaUK4GiBAA8IVeh_LYgHsxBkBbxYQA&u=%7CgNMOE4LdLXqnApI2hN%2FFImBd1AzwdeKk8l%2F1qIbtcEM%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl45Kh9Y2SghDXabwdx6ifBMrst4K_FNPK2ekluEuX0ttZocwHxBLNZgB0Xe1lL-7BYuK5p5kw0kW94s5rdg3zwlc_ii7tVg8COp2oA-EVtDgNrafb6m7AGZGs2-ExjUh12g0rIlz8GGS57UuzKEY7TUJXM6FEM9JUBuDusYUKILaZRxXwp-2Om4tN4kDntYUZuksfJ-tLAZb1QTU0Dibu2QOT2QBcVrGkvDtZQqyvs7BOWA6H2pDPUCbwbTObKn8VejONcrDcniHkYRJA0pozYt0vxBN3WkNiDuzfvihnRpEAngdlDolQrmo1iaBz-DtxeEpOBSFr20sMF9R_cVjkC3lyU9YZEkWCAt4VfYBIs86nciLQQXRdTcaDa7NblTWi4omIg8COL6ehVCRjfkuq-aEgtgmD5nAwQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEAvMHdvlYqWzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBJUCT9DttmYxnscC3RL6h_FCgcZiZxZpb0toOZZG4uTxZWJKFJ84xnZ8BDgEy-wmnb4mkAtVZAD7fG-dxuZTrDqfwGWObO2zofcQr3yoHI9tD8ecekAm2N7QwwfePWqoezlAxvfJkf2mHKrc5lpC3AaN3_grGeqmx5Js01l2AKTaXB-h7BVXVLM--FVP8VDfQoTbYu6WLY7vVhICLU9-4kTqunO-en29J3wylgFtilSZdsgn2dqmENLdR0RoYRdjXoqi8GA_p3DeDqssCwmSWUC235B9zot4KjZFfTXtvn0w4omBa2g4Fa4JeuJstKzTLig9Ndl3OkSHxM7PxBhyTMXg_Cw6OOciUz4hKs-HEdO9JTJy9z4BmuAEAYAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0fL5BqIoP-8tATixSJhOd4PQnKzw%26client%3Dca-pub-1354716955228626%26adurl%3D
Frame ID: 2F8E93CE492B3E15A24DF3B6D6F71D39
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv0xdHdvlYqezDoHRgQfVkLy4Bei-mJRcoKWzyf0IwI23ARABIABgldKjgrAHggEXY2EtcHViLTEzNTQ3MTY5NTUyMjg2MjbIAQmpAv_reKI4boI-4AIAqAMBqgSXAk_QMHQ6rM_HyNvEsOETL1G_jEaAxEl9ChJnJ1UTrQbDweEPv6SwNNUYu8HIPyQ8GQ1ihU01zdwqfglqzoIuowEIa0s2ECJ-vdUXR3RPZidE1Hk876v7npleX8hb65MWTaq4ZhWMZW8jsi-L0H3egUXrT2BqmqJQLlG1UELnl_NLSeUiythY1-zYduJOw4s6WCe4lyj3lL_sNULF1yc7oU-2CA1Tv4_6WEnNcUJqv4SYptJzERgxw_imH7ULHQEc_RWPhtm0Jrbpdqoz2PO9kqLjPtMKcXjPz7KZO6QqKwlsnpi45xWNDWG0JxH4hg9LDRcQowe4TKgNsafRa0WKkdz4PYTU4QIbcQcj65Cc0Yj_kL_SoL_aKeAEAYAGntrM3dSpt52QAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEzNTQ3MTY5NTUyMjg2MjYYypQi&sigh=ZIZOwnqyyBU&uach_m=[UACH]&cid=CAQSPgCsnQUxswLW5mw8UbURwjTgMiA5yDQehrQ5x3c3ETggoQvTCV8pJgN_4kkkK2QDUR7Vz8f0k_qRlkjFnaaZGAE
Frame ID: CCD0529B48D80B5CB6974094C52EBF2C
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_8jwHdvlYqazDoHRgQfVkLy4Bei-mJRcoKWzyf0IwI23ARABIABgldKjgrAHggEXY2EtcHViLTEzNTQ3MTY5NTUyMjg2MjbIAQmpAv_reKI4boI-4AIAqAMBqgSRAk_QjbOTEpcuZyir11qOaaoOsrB67wWvCblv6wPh47C5wWDbc4XaoUBHZhQ42wXmOynx0H9p06GbyZkbZ2KWFnrzh8TvGxC-RZIhTX4j2Jz1cozz34GjhW4-t5s5Xz1PrplNQmecsWAUI33U_O6PPSwKaY6TGcF_dDLm5Pa5ltEYmrbndUHiG0_3tPCy9KMLIpyIU9FBo76PqSOYVCzk3hQjgsB7EvpsX4WjwbAltyVo7kvbHg4LhG8hiOVqw73d8dycRfeSWTEmphmGTHvmjnKlCOaSb0N9RQE1OVPyAW-xq7X4F0h4Dv-LZt2r5hpqhIpVZzvYXwRtbh5eJuPWx6iv9qv3B5gtQEEz_SZZXxVfq-AEAYAGi_eMnI323oB2oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTM1NDcxNjk1NTIyODYyNhjKlCI&sigh=8Y5gH9MC-GI&uach_m=[UACH]&cid=CAQSPgCsnQUxswLW5mw8UbURwjTgMiA5yDQehrQ5x3c3ETggoQvTCV8pJgN_4kkkK2QDUR7Vz8f0k_qRlkjFnaaZGAE
Frame ID: 1D8B03D8F582DB8231EB76E50CBAD640
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmaMK4GiBAA8IVW2-bBXN1mDt3tiH9A&u=%7CgNMOE4LdLXru7p9QL9qXiUsehgWGCftpsEyufOZkM%2Bg%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4I0A_64YSM0HeTEAVbYfjkwagOn2ee-KscXR3GuaZC9wE0vl9rtksJ8Dc7yiDzy99ixeyYz3KATJ5jUNyNZ-rw2S9QDl3gXX7bAkYetAha2wFwSkjEYjvctyx_NVpiqA4VcBUuYGS3nVz1F1HD_cX8rXyJtWh6XO2R5QSjLKKJu5P6QEosezpD0txk24CaaiBfmdGZMVrvLDkKqTnnqw6to8FBMh6SRmppZeLihk6cbAJ7x45999v3Mo6d437zCTvb8Da-a78jnWc1_H25oQ9BB2iTjc6PO24X8x3xb7UBie6HK9-deEVvEui0Nu6ExcBpOuA9TYzz6IRXBU-eJLxXmRi3ImYBAIejuhvi2166nKCzlFicXbDiCSpNUzcZHmuWW66b6_VS5UJ4_8xn0yWS-y5Ol1pMBFYSwQACHWRls4gmI97D-n6_N1tmDA2LenSJA_li00STC5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEqi1HdvlYqOzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBIwCT9A17GPIgIMXzPoMzHNRIvMEQ55nYgLC2UbbktxSN4IH9WrwYo6JAKZqKv8iznUbv_poG1Q5vUzka0SYxyGxn6n86G4Ho0GW54vlClrYM5KufA1l6jH6zKQ6enKt51wwESzxKhwfSEGLFgb0x8PwGFuUPP1OBKvKJhFSLWQRwlt9kiqiNg_N5gSD_jdfoJD3MJ9Mhh_LUh5c2tJMrs6Nhb9rAVY4tHzj5ChDkcuQQtr6bCQBy-qvYZOWUzKi21WN_YjRpS5Uonp8XnprYVVFWSfVw_wCZ4jg_EUf6cFwiAiqjfk3dJpOB-F5NcJqSQICud3mphpJ26NVmewTSi8jnetjgZCrwGJq7N4zxeAEAYAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2CDi7e1y0aOjZ_qKrrKvlhPzJcvg%26client%3Dca-pub-1354716955228626%26adurl%3D
Frame ID: 23C9DF60343395CE5E0AC4A1F0ADD348
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmaQK4GiBAA8IVeoKsHZqnDcwQ0SN_Q&u=%7CgNMOE4LdLXpkDU845oKtbJ4NYXzDDCUc3pvxxYw1DGQ%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl45Kh9Y2SghDXabwdx6ifBMChPCl-FdT_23wDCir6bFv5O2XJZXcDZ-WokB8xDe7tUlfHDKnzp8lqojUPHvGk8LeN-IFzSLCIzbB73dqhCqQBfS1XjMAGLdloG8WbHuJDJCpN5LvM8Y91VggIzRlFYBVC7s4E3o1B_mgUed5CBLebBTADqW0ALAmp3NkSyXo2M43vcB4c6ihLV1bhyta9uCJbJsreI9TI3evZlDraEDq2yHtfEp1SQ2PkjUFy37NH2Unfp15K6wjnsTxsmru5gIoOYtNMfz4r5qGG_tk2g1ZUl8QA3-rcJp2bpJzl5xDT7U-t3GegH2wI-LRBDltTW7qxFc0Mh8zQgBF3u2G-4w_PTV0ckGzBS1IkcxLTlVPn5KOyemhEIPxRK4JjxWHlt7xfuzC5LiVKY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCenk2HdvlYqSzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBJECT9DGm0TqyqHXyiWaTUNxiWQRWtB91EeALnxz-UoRUuh1Bi37ok7D_kvb-DW7Wfkef0PsrQHLc3dKlEWv0BydVIrlTiepKEo-bveka9MpyUKbowBlYbfznRDJYXWn-pXnws2IOLgFRwEg788cNF0JOqIhMjSmDUINA-8UyfWbgGmgKUGx4dkj4RCM0q6TpwA_6ao2-Ws7PT1VG-YjKz1GH_U5IwbY8FYJU_i7cL3iEzvxN-TzzwEEtSOOQw3h-z7Y2HMI0lVfycmgDFTT9C_eT8axQWlNXDVOkyGlMJe8EZjs1AdssQhFgTFFciHNFTAdEX9cf8pkMQonsWN2Ly_br2sb1FwlcyUo0-xbNudU1d6I4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rWWVumyUP_jWvmL7rTIcjeX97ww%26client%3Dca-pub-1354716955228626%26adurl%3D
Frame ID: 753F182EF4AA62D2CB9BEF3C25DD1ABD
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html
Frame ID: 396F7F05C4C6B59CFDEEC9C35807060B
Requests: 33 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Frame ID: 538293C4C27D09ECFC0CAC8CA72731FB
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 9E52626957B256E9E7E1A0EC733ECAF2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 15D3001912F00A6B3CBEAEAAD8208AC7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34F4604860B28EB85C2F94B6F5F7E071
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C17295085041FDFE8B288EC9C1182E6B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

บก. ปอศ.พบ นักออกแบบในกรุงเทพฯ WFH ใช้ซอฟต์แวร์ผิดกฎหมาย! - มติชนสุดสัปดาห์

Page URL History Show full URLs

https://www.matichonweekly.com/hot-news/article_563338?fbclid=IwAR3o9CbHkSog1-_U97WLgPspQz5PUgtIYx4SXKIpoGe... HTTP 301
https://www.matichonweekly.com/hot-news/article_563338 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

381
Requests

98 %
HTTPS

46 %
IPv6

55
Domains

105
Subdomains

96
IPs

16
Countries

14829 kB
Transfer

27858 kB
Size

51
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/matichonweekly

Search URL Search Domain Scan URL

URL: https://www.instagram.com/matichon_weekly/

Search URL Search Domain Scan URL

URL: https://twitter.com/matichonweekly

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLugpZ9d_PMwlwAZONo7A5xQLItfgQoCMl

Search URL Search Domain Scan URL

URL: https://www.technologychaoban.com/

Search URL Search Domain Scan URL

URL: https://www.silpa-mag.com/

Search URL Search Domain Scan URL

URL: https://www.sentangsedtee.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%E0%B8%9A%E0%B8%81.+%E0%B8%9B%E0%B8%AD%E0%B8%A8.%E0%B8%9E%E0%B8%9A+%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B9%81%E0%B8%9A%E0%B8%9A%E0%B9%83%E0%B8%99%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%AF+WFH+%E0%B9%83%E0%B8%8A%E0%B9%89%E0%B8%8B%E0%B8%AD%E0%B8%9F%E0%B8%95%E0%B9%8C%E0%B9%81%E0%B8%A7%E0%B8%A3%E0%B9%8C%E0%B8%9C%E0%B8%B4%E0%B8%94%E0%B8%81%E0%B8%8E%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%21&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&via=%E0%B8%A1%E0%B8%95%E0%B8%B4%E0%B8%8A%E0%B8%99%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C
Title: Twitter

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.matichonweekly.com/hot-news/article_563338
Title: Google+

Search URL Search Domain Scan URL

URL: https://lineit.line.me/share/ui?url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338
Title: LINE

Search URL Search Domain Scan URL

URL: https://ivideosmart.com/privacy-policy/
Title: click here

Search URL Search Domain Scan URL

URL: https://asiansmelody.com/click.php?key=grjvyje7hkd9qmyubp3g&cs=1&c1={teaser}&c2=www.matichonweekly.com&c3=4126029
Title: งูหลามกลืนเศรฐินีสาวทั้งเป็นที่กรุงเทพฯ!!PR

Search URL Search Domain Scan URL

URL: https://asiansmelody.com/click.php?key=h3ah5xefv3u0u3y70unf&cs=0.6&c1={teaser}&c2=www.matichonweekly.com&c3=4017128
Title: โศกนาฏกรรมหลังบ้าน!งูหลามกลืนเศรฐินีสาวทั้งเป็นที่กรุงเทพฯPR

Search URL Search Domain Scan URL

URL: https://asiansmelody.com/click.php?key=7dofqrut7xk5vadiqyj8&cs=1&c1={teaser}&c2=www.matichonweekly.com&c3=4069101
Title: โศกนาฏกรรมในกรุงเทพฯ สัตว์ร้ายโจมตีชายชราในรถของเขาPR

Search URL Search Domain Scan URL

URL: https://tadamaew.com/
Title: สิ่งศักดิ์สิทธิ์ จากถ้ำนาคาพร้อมกับเกจิอาจารย์ดัง ให้แม่นทุกงวดPR

Search URL Search Domain Scan URL

URL: https://udipedia-one.ru/preview/new?utm_campaign=36741&utm_content=521ca997-288d-4f7d-92c5-6b0ed73c44df&utm_source=www.matichonweekly.com&utm_medium=3557&sid6=4090783&is_visitor=1
Title: กล้องถูกติดตั้งในโลงศพที่มีศพ: สิ่งที่ถ่ายทำที่นั่นทำให้ทุกคนตกใจPR

Search URL Search Domain Scan URL

URL: https://trk7.perfectinstall.net/click.php?key=ivqngk7geq10zpzzhym1&pub=www.matichonweekly.com&banner=4121715&title=%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%84%E0%B9%89%E0%B8%99%E0%B8%9E%E0%B8%9A%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88!%20%E0%B8%9E%E0%B8%9A%E0%B8%99%E0%B8%B2%E0%B8%87%E0%B9%80%E0%B8%87%E0%B8%B7%E0%B8%AD%E0%B8%81%E0%B8%9A%E0%B8%99%E0%B8%8A%E0%B8%B2%E0%B8%A2%E0%B8%9D%E0%B8%B1%E0%B9%88%E0%B8%87&device=Win32&timestamp=1659231007&campaign=1355326&cost=0.6
Title: การค้นพบที่น่าแปลกใจ! พบนางเงือกบนชายฝั่งPR

Search URL Search Domain Scan URL

URL: https://asiansmelody.com/click.php?key=w4maxm6nwzcqirl2pw80&cs=0.6&c1={teaser}&c2=www.matichonweekly.com&c3=4105467
Title: นี่คือเมียของเศรษฐีลุงแก่ที่กรุงเทพ!!PR

Search URL Search Domain Scan URL

URL: https://asiansmelody.com/click.php?key=7dofqrut7xk5vadiqyj8&cs=1&c1={teaser}&c2=www.matichonweekly.com&c3=4072027
Title: ทำไมเศรษฐีในกรุงเทพคนนี้ถึงพยายามจะขับให้ชนรถ?PR

Search URL Search Domain Scan URL

URL: https://trk7.perfectinstall.net/click.php?key=ivqngk7geq10zpzzhym1&pub=www.matichonweekly.com&banner=4131033&title=%E0%B8%9E%E0%B8%9A%E0%B8%99%E0%B8%B2%E0%B8%87%E0%B9%80%E0%B8%87%E0%B8%B7%E0%B8%AD%E0%B8%81%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%9A%E0%B8%99%E0%B8%8A%E0%B8%B2%E0%B8%A2%E0%B8%9D%E0%B8%B1%E0%B9%88%E0%B8%87:%20%E0%B8%A0%E0%B8%B2%E0%B8%9E%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%80%E0%B8%84%E0%B8%A2%E0%B8%A1%E0%B8%B5%E0%B8%A1%E0%B8%B2%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&device=Win32&timestamp=1659231007&campaign=1356245&cost=0.6
Title: พบนางเงือกที่มีชีวิตบนชายฝั่ง: ภาพที่ไม่เคยมีมาก่อนPR

Search URL Search Domain Scan URL

URL: https://asiansmelody.com/click.php?key=h3ah5xefv3u0u3y70unf&cs=0.6&c1={teaser}&c2=www.matichonweekly.com&c3=4119713
Title: เศรษฐีจากกรุงเทพฯ เอาพิษงูมานอนด้วยนำโชคมาให้!PR

Search URL Search Domain Scan URL

URL: https://truehits.net/stat.php?login=matichonweekly

Search URL Search Domain Scan URL

URL: https://www.matichon.co.th/privacy-policy
Title: อ่านเพิ่มเติมคลิก (Privacy Policy) และ (Cookies Policy)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.matichonweekly.com/hot-news/article_563338?fbclid=IwAR3o9CbHkSog1-_U97WLgPspQz5PUgtIYx4SXKIpoGeWS9Horg61nmUYHbY HTTP 301
https://www.matichonweekly.com/hot-news/article_563338 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1 HTTP 302
https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=4e2168a6-1070-11ed-9051-153cf9b00406

Request Chain 102

https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=930911267030013&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31b725af330dc%26domain%3Dwww.matichonweekly.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.matichonweekly.com%252Ff116c096251ee9c%26relation%3Dparent.parent&container_width=322&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fmatichonweekly%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=&width= HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D930911267030013%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31b725af330dc%2526domain%253Dwww.matichonweekly.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.matichonweekly.com%25252Ff116c096251ee9c%2526relation%253Dparent.parent%26container_width%3D322%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmatichonweekly%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width

Request Chain 231

https://analytics.ad.daum.net/match?d=111&uid=71941740.1659231006062 HTTP 307
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220731%22,%22u%22:%2271941740.1659231006062%22%7D%7D

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESEJMv8ntxw0F2_RWYu4Vrg8s&google_cver=1

Request Chain 250

https://api.quantumgraph.com/web/cm/ HTTP 302
https://gocm.c.appier.net/qg?a_i=/web/cm/?from=dback HTTP 302
https://api.quantumgraph.com/web/cm/?from=dback&qaid=vuVCJuiWX6dFyx82OYb_0Q&noredir=1

Request Chain 267

https://s.uuidksinc.net/match/480/?remote_uid=417644797 HTTP 302
https://code.yengo.com/sync?dsp=kadam&id=at9CSRw6rIkZIW13dqda

Request Chain 341

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1659259810&ei=ItvlYp-cF5KJ6dsPzs63sAs&ip=37.58.57.1&id=df93ee1eca784fbd&itag=22&source=youtube&requiressl=yes&mh=es&mm=31&mn=sn-5hnednss&ms=au&mv=m&mvi=5&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=50.178&lmt=1657034435387500&mt=1659230213&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAMHqCxOcK19CSI5vk6cWdIp-d6ZwIvfwchkbHNTxuafmAiEAt35GBKYUk5U72S3ZlRgydMrXrC-6StiuSva9SQwdmfk=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALuYEE37knUQPwHJNyjenQgzpkSO6i3HGG9MWJZpZ9O3AiBDn4wSEX4-s7-F0IIfEf7CyIV_XL1olVbv7DQHePqiVg==&cpn=C2dalHnMkW_qkhWW HTTP 302
https://rr3---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1659259810&ei=ItvlYp-cF5KJ6dsPzs63sAs&ip=37.58.57.1&id=df93ee1eca784fbd&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=50.178&lmt=1657034435387500&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAMHqCxOcK19CSI5vk6cWdIp-d6ZwIvfwchkbHNTxuafmAiEAt35GBKYUk5U72S3ZlRgydMrXrC-6StiuSva9SQwdmfk=&cpn=C2dalHnMkW_qkhWW&redirect_counter=1&rm=sn-5hnezs76&req_id=f7b743f86ecf36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=es&mip=2a00:c98:2030:a004:1::4&mm=31&mn=sn-4g5e6nsk&ms=au&mt=1659230854&mv=u&mvi=3&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPBxR_bwIWH3AKimndEX2fhNPU2dkRkK0tKKgm8wd-ltAiBhCkZJP3ptzd5NOqMmhqot3Nqcew9nxm8PYMQrBXuB4Q%3D%3D

381 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request article_563338 Show response
www.matichonweekly.com/hot-news/
Redirect Chain

https://www.matichonweekly.com/hot-news/article_563338?fbclid=IwAR3o9CbHkSog1-_U97WLgPspQz5PUgtIYx4SXKIpoGeWS9Horg61nmUYHbY
https://www.matichonweekly.com/hot-news/article_563338

113 KB
25 KB

522ms
520ms

Document
text/html

2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93072530d1228ef896a3aebb64d86f39fb57f35c32883b07168571651f02f27c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-edge-cache: cache,platform=wordpress
cf-ray: 733291071ab18fdd-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 31 Jul 2022 01:30:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://www.matichonweekly.com/wp-json/>; rel="https://api.w.org/", <https://www.matichonweekly.com/wp-json/wp/v2/posts/563338>; rel="alternate"; type="application/json", <https://www.matichonweekly.com/?p=563338>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BV4rsYQ%2Fe1IeELJZXgewKiYI0VVwxqTpyZFOrN8LWz9BTTjCQ7WmF3mxRTLw5mO%2BD3xfRtfYtLJZk5um%2B9ckAHk4Ti9Y4fHudeno5e%2Flp04eycLmy%2FSlALoRPnMwKYVK1N%2BX3r8TbC8YFUbBipBapKHSnM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-fastcgi-cache: MISS
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-ray: 73329101cffc8fdd-FRA
content-type: text/html
date: Sun, 31 Jul 2022 01:30:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.matichonweekly.com/hot-news/article_563338
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYmFSNE8nIryksQ6cULbONGjJPQuyJOskDdvZ%2F7LiK5Exyp6HmR6KR5EEJnAr2GvQPkoBOj%2B718PujFO%2FlN%2FHErGjD3bC67SO1iSPm01kYapvAtxZkADmu8%2FRmdomlu8E3U2aV%2FH1njRLhxeluOZ1zkj9PQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H3 200 pdpa.js Show response
www.matichonweekly.com/wp-content/plugins/plugin-pdpa/js/ 2 KB
1 KB 891ms
890ms Script
application/javascript 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/plugins/plugin-pdpa/js/pdpa.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b839a7d12b81f1a32ae704bb6e911b2416e9eda8e81aa7642599c07e65299291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1791
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 21 Feb 2022 21:44:23 GMT
server: cloudflare
etag: W/"621407b7-6ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kd7t6uQNrM5KucejyI4he5xXuePNqfm8stUuS6gJVh2Q%2B1JFbE6Z4tgszsg3muHL%2FQvWMUaf129knXaru0CMO3FTveIJfz7%2BTCHB4NJtZXOkWh7uIK%2FeDVkukZGkye2QaLSW99vEO2jMzXxJI6wJAUwGUak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
cf-ray: 7332910a78509152-FRA
cf-bgj: minify

GET
H3 200 pdpa.css
www.matichonweekly.com/wp-content/plugins/plugin-pdpa/css/ 1 KB
1 KB 918ms
911ms Stylesheet
text/css 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/plugins/plugin-pdpa/css/pdpa.css?ver=1656231798
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d93020493ab455746716fd097c26728a1a85ab9533d51714020bf1c84b75d604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 21 Feb 2022 21:44:23 GMT
server: cloudflare
etag: W/"621407b7-658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEYwrTQeMKBhme025JRmmT2hjYKwBg7X2jNgfxQFu87E%2BjYe%2BP53ctUM3BpFJ87Vi4ypi4q7w807OpDF68B8zTLQaO7w5W%2Bf3wEkM0JEoieh2sSLyWMbznHwcaPxQVt%2B03WOzEOn%2Fn9lZexEu3t9iV%2FNjF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
cf-ray: 7332910a78599152-FRA
cf-bgj: minify

GET
H3 200 style.min.css
www.matichonweekly.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 25ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 13 Jun 2022 07:25:52 GMT
server: cloudflare
etag: W/"62a6e680-145db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=th7TWS%2BvNA1I7ImL7bmPC1iZ2wL597gvM2IJTerXx9ov45OWQ8d0EJg3M0Dx%2Buq%2Fksn%2B0tJ7RFG3aCevxGPGs8LGf88W55PgpvyPDfPcyTD5nava4lg3vE88XZLARKn1EssEoa%2BLnjMna9cKARe5E2W10j4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
cf-ray: 7332910a785a9152-FRA

GET
H3 200 unixdev.css
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/ 115 B
720 B 879ms
873ms Stylesheet
text/css 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/unixdev.css?ver=1656231799
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d65a168b39aa7ed07e34ce77d62b8b06e2b684f82d4d59482005d458c363504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=135
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sun, 26 Jun 2022 08:26:34 GMT
server: cloudflare
etag: W/"62b8183a-87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76LI%2BXdkNonRXqkp6yJInfkjS311piKfmCLqHa0dnanjSy3uAypsi02978Dl4w%2FuicwKj9G%2ByMk3Etmn5tNM3NXyI28qfJ9iQRPGqCmWJgm4QLqt6bzZo4dgEMZyGjcUkqdrbFf3ASy%2FCN49yfXFBd%2BWfFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
cf-ray: 7332910a885c9152-FRA
cf-bgj: minify

GET
H3 404 font.css
www.matichonweekly.com/wp-content/plugins/seed-fonts/fonts/upcxibold/ 0
0 1292ms
1286ms Stylesheet
text/html 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/plugins/seed-fonts/fonts/upcxibold/font.css?ver=5.9.3
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
link: <https://www.matichonweekly.com/wp-json/>; rel="https://api.w.org/"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NesxLmXwj4WNGlyz7hpqevp%2BWVP4eU9U6gbmkebceuP3fvMZr7MjopdRXaqvEo0Y2mwyOlHR1TSQapNot0HgyOVesV21awS4oOFVy9yjsfh3b3%2BP6Vn%2F3B5lj13BX7P8%2B2ai2H1CWJA%2FsRD6AOyqwO58hEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=1800, must-revalidate
cf-ray: 7332910a885e9152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 font.css
www.matichonweekly.com/wp-content/plugins/seed-fonts/fonts/upcxdregular/ 0
0 1264ms
1259ms Stylesheet
text/html 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/plugins/seed-fonts/fonts/upcxdregular/font.css?ver=5.9.3
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
link: <https://www.matichonweekly.com/wp-json/>; rel="https://api.w.org/"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOZBwuse%2BQRc196ltncOijEGqPSI6%2BWOXDjnn14VSWt5SHUJvLlMwmBr68TvUhW0a%2F0W95CXx1474EvzHqenyr7hN4A4EF%2BSRuaENWGHRDdYjKM7x6I4YlFkFwZK60rKUj4n8BXooMewoLTdhUd3%2BY6EUC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=1800, must-revalidate
cf-ray: 7332910a88609152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 style.css
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/ 585 KB
77 KB 897ms
892ms Stylesheet
text/css 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714844e6baefe74b0264c15dd042e6d47bd054144f4cfc48cebb68ac211dc959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=600266
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 13 Jun 2022 08:32:27 GMT
server: cloudflare
etag: W/"62a6f61b-928ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8Rz1mhW4tLDUhF620BwljqPYwk0ohCzUYfBm4WReL9ghXuLWjowmT3mCeY7YsPZ5GX48S%2FFRjGgDdv%2Bd%2BPG7g%2F3gauPcJZDrLIYLPOwYNqLCz5qrNHRaJAJj6DVWNovWztuYio2Tmw6axZrH4vyn801ERs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
cf-ray: 7332910a88629152-FRA
cf-bgj: minify

GET
H3 200 pdpa.js Show response
www.matichonweekly.com/wp-content/plugins/plugin-pdpa/js/ 2 KB
1 KB 865ms
861ms Script
application/javascript 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/plugins/plugin-pdpa/js/pdpa.js?ver=1656231798
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b839a7d12b81f1a32ae704bb6e911b2416e9eda8e81aa7642599c07e65299291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1791
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 21 Feb 2022 21:44:23 GMT
server: cloudflare
etag: W/"621407b7-6ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yi6g839mddJi9wd8013mCDh5LXQY1yBjIOaPtDzxzWQ%2FtUw5TocWp4fTj4JqSV0rVwnE5OME3L4JXtZUUb5xVlAsDvwI8sSuRDZ9KgLGcUjKxVlgkfRS9P11skJ%2BlKdd2jxpoWyqU6qSkSi87S4ABAm3k3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
cf-ray: 7332910a88639152-FRA
cf-bgj: minify

GET
H3 200 jquery.min.js Show response
www.matichonweekly.com/wp-includes/js/jquery/ 87 KB
32 KB 28ms
24ms Script
application/javascript 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 21 Feb 2022 21:44:24 GMT
server: cloudflare
etag: W/"621407b8-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY0f0rtXDEhssUn3%2F91sgpjF5iEl7EtK3s8O3PVXUAxyuPXLtEeAu2%2B13%2BV3qP1pG%2FzskDVW8qyFHON6uo6VMG%2FBBFQsYgrkIqIPNEwMeYlckiVRW2GGkS1oM1SLsL8Kzbmu62jnATXUpSL%2B%2Bi3R6UGJ6CI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
cf-ray: 7332910a88649152-FRA

GET
H3 200 jquery-migrate.min.js Show response
www.matichonweekly.com/wp-includes/js/jquery/ 11 KB
5 KB 26ms
18ms Script
application/javascript 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 21 Feb 2022 21:44:24 GMT
server: cloudflare
etag: W/"621407b8-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY7a1y1R8gOJbQwz4zHuGXYSWoQ9AsQMzO3oAWoebZfjliXjZBic7x%2BxBrkpO5grqVt0ClIe%2BkW2ar9DB6UZAWVTJUcLmU9jBmWbES3IxhzhKsKt%2FJZ5UFknBJRpwlQjEYEeBdUHKa7kmDW1nDSSehY98bM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
cf-ray: 73329112deb39152-FRA

GET
H2 200 e0b52bdcc815768ff5770075177e67901c75bd54.js Show response
cdn.izooto.com/scripts/ 3 KB
2 KB 47ms
18ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/e0b52bdcc815768ff5770075177e67901c75bd54.js

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6291200fb4b26ede6d46247883ef48aedf1f2a26170d947e85346ef62d758997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 622250
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Dec 2021 07:02:36 GMT
server: cloudflare
etag: W/"61c17c0c-bd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 31 Aug 2022 01:30:03 GMT
cache-control: public, max-age=2678400
cf-ray: 7332910aab6b698f-FRA
cf-bgj: minify

GET
H3 200 wp-emoji-release.min.js Show response
www.matichonweekly.com/wp-includes/js/ 18 KB
5 KB 902ms
895ms Script
application/javascript 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Feb 2022 21:44:24 GMT
server: cloudflare
etag: W/"621407b8-4705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zD8%2FdFAE8tjfv2XcnaOum%2BRaRBUSaSse%2F26scY%2FIJ%2BCa5J8cOQcMSKjdVO0%2FBc%2FRyacZKb8AF0AxHClPZRNm7kn4uQFD4PkNgFlTZDb84LroDYEDu%2Bwp%2B0oA32W17kUKtQxbr8YaTk6Oxkx7atYeC6mZiDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73329112deb59152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 78ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b41447094b55af7ccffa35209b132e812859f30bdce59e357a6021cc49f1a08c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51883
x-xss-protection: 0
server: cafe
etag: 11879295337865612742
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 31 Jul 2022 01:30:04 GMT

GET
H2 200 854dc2ae-2921-41cd-8cc0-fa7e0948345a.min.js Show response
cmp.optad360.io/items/ 497 B
849 B 72ms
24ms Script
application/javascript 2600:9000:206f:a800:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/854dc2ae-2921-41cd-8cc0-fa7e0948345a.min.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:12:14 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
server: AmazonS3
age: 1071
etag: "7acdc116a0830ba0aef5e087010246ba"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 497
x-amz-cf-id: sRxDbb9WGf1efZdTjN-2qHrsWdi_4S5nscWsGQAawgNKgtZZqr89SA==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/72dba841-a232-41b6-9192-77c6056db5e2/ 263 KB
58 KB 139ms
93ms Script
application/javascript 2600:9000:206f:9600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/72dba841-a232-41b6-9192-77c6056db5e2/plugin.min.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66a4f6f4681744137dbb6e09072d4c35e771163213a2b1a66902ba318ded22cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 12:33:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"2d06846f5e29f6f8275b666522320f57"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: crgjeIo3rRHaQkOyVs3LxBpGpxY_KRzhBCTNpKR7dqD101DM0SfX2A==

GET
H2 200 widget-matichonweeklycom.js Show response
code.th.giraff.io/data/ 166 KB
35 KB 1311ms
1267ms Script
application/javascript 2606:4700:10::6816:4e7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.th.giraff.io/data/widget-matichonweeklycom.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b95cdee26b59ba4c7ab3e4e6512d7d19db6234a124f01746477958b05101c7dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 18 Jul 2022 14:10:11 GMT
server: cloudflare
etag: W/"62d569c3-296c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
cf-ray: 7332911319938ffb-FRA
expires: Sun, 31 Jul 2022 01:31:05 GMT

GET
H3 200 matichonweekly-logo.png
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/images/ 55 KB
56 KB 1294ms
1288ms Image
image/png 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/images/matichonweekly-logo.png
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fedc75dd4569afd0c848fbb9a9ee3353314db54eaa583b32b488b8e3f7a36ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56597
pragma: public
last-modified: Tue, 29 Dec 2020 11:16:35 GMT
server: cloudflare
etag: "5feb1013-dd15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUY0BU%2FQu5dQEy0L0Z23Yxpr2q%2BPKjAn5s2lnEr28qKGICnOsWConkYX7JnKG2qtgw4C01CS4L0Qgj8bI%2FnxQJ%2F5BDs7CntMShQ23RV7SfkCmmIrhkb4uKT5Kel8j6N6xAQGSWXURLtQfQ6dvqUiICp8sWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73329112deb69152-FRA

GET
H3 200 286130853_706081487118454_6239794186772126587_n-696x391.jpg
www.matichonweekly.com/wp-content/uploads/2022/06/ 46 KB
47 KB 1069ms
1063ms Image
image/jpeg 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.matichonweekly.com/wp-content/uploads/2022/06/286130853_706081487118454_6239794186772126587_n-696x391.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cba2108d103c0d9b11deac5697dc1e61808c753c71da6841186dd3ee0d71318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Jun 2022 05:57:47 GMT
server: cloudflare
etag: W/"629ee8db-b8d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liqP%2FncdMyb509z0d1mKMZ8tPz7d0OyferM9xt37%2FOvF%2F0YiYRTVru9W5Ll%2Fxi4p%2F%2FeedPd7WFcP%2FUUOJBDOhw9xJirJwCWohCT%2B9TphjVDvErkhbEZd0%2Bs317aUi34jwPHKf83HAOZJ%2BeemO%2BvY6uUCvfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73329112deb79152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 285524290_5261220373900616_60092939351164654_n.jpg
www.matichonweekly.com/wp-content/uploads/2022/06/ 98 KB
99 KB 1140ms
1134ms Image
image/jpeg 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.matichonweekly.com/wp-content/uploads/2022/06/285524290_5261220373900616_60092939351164654_n.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12796fdde0d04c84163ea0b09a577b3a84d1a0dfe85f12ec643ba1476a91f014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Jun 2022 05:55:02 GMT
server: cloudflare
etag: W/"629ee836-18939"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPKrDw57tpemruGUs20q9Q%2FkUrXvmx2I1FhH%2BhA9u8tRpKcyZM3XI4osuX2PKDKOTZ1WJtAoIcoc2iMabj0ffF06PtPiH5apZd2uCSDUjHpf%2FNs47yKRIAc1i7dtA8M5bGnOFRqeVUWHmOJOo8cK%2BJuXEbA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73329112deb89152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK loader.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ 10 KB
4 KB 84ms
7ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7e464dbae19da0d1dbc647186d3573cebb1b5bc384f0685494e8d2eb954cca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR61-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 3470
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Thu, 28 Jul 2022 08:07:08 GMT
Server: AmazonS3
ETag: W/"7aa2ed03524c6c859e7adce115e22726"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: nkR9ZZw4SjNMZhhZsy6l3jdGLLd8YOXqQ5j4DDaEEgjUk9I6PQ2jnA==

GET
H3 200 pt-218x150.jpg
www.matichonweekly.com/wp-content/uploads/2022/07/ 6 KB
6 KB 875ms
869ms Image
image/jpeg 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.matichonweekly.com/wp-content/uploads/2022/07/pt-218x150.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc9f94672474b5de1b97483bd55200ffc418aa413b2c7dc119b1ff9dbd368695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Jul 2022 04:31:38 GMT
server: cloudflare
etag: W/"62df6e2a-16f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df00bMyGP%2FHk6fEWs8bduF9corm1TSc2Yn2P9J%2BRzw25ovB9vRkyRoF6zTr%2F%2Bm7AaewQlf7%2FUJR2FCIQrZLbJdZpurGN%2FUPqkf6YKFA0CLVKns2u3yP%2BSKzDXG18nu7WzOsJPZg8KCZ9fgnNYkg90TfcxR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73329112deb99152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL3RyLzAvdWQvMjg1LzE0MjYxMjkvZ3RuLmpwZw-218x150.jpg
www.matichonweekly.com/wp-content/uploads/2022/07/ 10 KB
10 KB 926ms
921ms Image
image/jpeg 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.matichonweekly.com/wp-content/uploads/2022/07/aHR0cHM6Ly9zLmlzYW5vb2suY29tL3RyLzAvdWQvMjg1LzE0MjYxMjkvZ3RuLmpwZw-218x150.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7be141712bd08e101d53cbd4155c341cadb977a37e0cbb4d0adf17ad4a9c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Jul 2022 05:58:30 GMT
server: cloudflare
etag: W/"62e22586-263f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMjiaSIIaCuGcE5gLeh3n6dBnDU%2B00EXFSt4o%2FvdSXyq81BSgdQMLwVo2Q9Feu3papr1vSQE3EfkqTJF%2FR%2FAI2Uw90HeKsKblyLXXWAP%2B6ImcB43hvi9VEJee%2BIMvL%2FeRD6PcFOskm6pQ0B6EoxutMXwp%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73329112debb9152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 %E0%B8%93%E0%B8%B1%E0%B8%90%E0%B8%9E%E0%B8%A5%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88-copy-2-218x150.jpg
www.matichonweekly.com/wp-content/uploads/2022/07/ 8 KB
8 KB 884ms
879ms Image
image/jpeg 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.matichonweekly.com/wp-content/uploads/2022/07/%E0%B8%93%E0%B8%B1%E0%B8%90%E0%B8%9E%E0%B8%A5%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88-copy-2-218x150.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50d33039f12b5b24478c81c7f1b1ee879d63c1cdbf5abf2651bf2c58d2f8d45a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: MISS
last-modified: Thu, 21 Jul 2022 03:57:21 GMT
server: cloudflare
etag: W/"62d8cea1-1e22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=les%2BeBIY%2FzbXKI6bLVosCeiFURByG2rsKPQwlvbsjbmYL28RUPJ9vjSRSh923wwse7Ac8PxpRbk6rM45X1bQr34aCDxmsu3m2AlYljeNYQ5eBHSab8dRTZx0KlOPjE2sxygkJdpESBnVDUDWq3%2BgeQnNZCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73329112debd9152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 weed-2517251_960_720-218x150.jpg
www.matichonweekly.com/wp-content/uploads/2022/07/ 7 KB
7 KB 918ms
914ms Image
image/jpeg 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.matichonweekly.com/wp-content/uploads/2022/07/weed-2517251_960_720-218x150.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b225ce41883f563770b5b123f708803b72d6134bdee1894af3115f60966be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Jul 2022 09:27:45 GMT
server: cloudflare
etag: W/"62dfb391-1ba4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHJxQAC6iEqXpWFfFcACm6ts5BLsQmY4St13JsWJAfQgHLoUTNSh6%2BYiGLYWsC2MJkbSWfZkbipwfpjPPzUhom5ZiwCej7TAP0PAr82xABU9BHLEaLqBmNnUITWnADjjdGEL8Z6HNV4i0S67f%2F0ghRFrwl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73329112debf9152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 %E0%B8%84%E0%B8%B8%E0%B8%81%E0%B8%81%E0%B8%B0%E0%B9%80%E0%B8%AB%E0%B8%A3%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%87-218x150.jpg
www.matichonweekly.com/wp-content/uploads/2022/07/ 11 KB
11 KB 896ms
892ms Image
image/jpeg 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.matichonweekly.com/wp-content/uploads/2022/07/%E0%B8%84%E0%B8%B8%E0%B8%81%E0%B8%81%E0%B8%B0%E0%B9%80%E0%B8%AB%E0%B8%A3%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%87-218x150.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9262f9c429d4fb251053f4d7d6d9f8dd871dc6b2df438ba19ca442e3f7bcfc86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Jul 2022 09:21:36 GMT
server: cloudflare
etag: W/"62e103a0-2ae5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQPXcvH%2FxxMUJ%2BxQ2%2F15KM0hbb7YClVCJYaSC32zMwn2iOvOlXMpiwTtuKtm1PNDVGR5FySHapg0qXnNmxmfene7eg%2BcCLIxNZZh0FUMiSBeLWZNQm7dO%2FAhvbG6aZOOvpkUjLzsv7TNfBp2ipGmot1qlLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73329112dec09152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tagdiv_theme.min.js Show response
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/js/ 209 KB
50 KB 871ms
869ms Script
application/javascript 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/js/tagdiv_theme.min.js?ver=1656231799
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751c34b114333af17ad58fd47e026fc298b2ec96e64c5145a54b339374f10986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 06 Sep 2021 05:28:13 GMT
server: cloudflare
etag: W/"6135a6ed-343e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obmTOC7Wr%2BYFkXH47fDDYn4FiZ6r8mndMp6Nb2EJKRvp2Jn56PvQojigF5LS2BuLLxfaTAhafFhq3VTVQOCpbpXBY1O20wyhEiCdIljB3y0K6aA9BYKp6z8CSomF83U8MTxlKZjToScyMbKmvsCUpUb%2BLz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 733291129e859152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 comment-reply.min.js Show response
www.matichonweekly.com/wp-includes/js/ 3 KB
2 KB 30ms
23ms Script
application/javascript 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-includes/js/comment-reply.min.js?ver=5.9.3
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/hot-news/article_563338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 13 Jun 2022 07:25:52 GMT
server: cloudflare
etag: W/"62a6e680-ba3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guugIdmz0hVe3Ug4e1qtWU%2BXPpluL5ZPrEnPq56wV3kP%2FWcu8nkrLpGmty7s%2FdrZZsEePRKHpzab3Bx53Mab7iW3wuvaurM8Jn2hciYaYw8z5pUBF771jqyHJNOG%2BX3kn7yuchrWfiAAJaBivYmrX22TJUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
cf-ray: 73329112deb09152-FRA

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 61ms
32ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.matichonweekly.com/
Origin: https://www.matichonweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 733291130f2ebbad-FRA

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 209 KB
52 KB 23ms
18ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/e0b52bdcc815768ff5770075177e67901c75bd54.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

599d48c6dc3d6053f15a101fdc6320d97018bc589a7bf19b4918ef5723aa4ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 242546
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 06:06:44 GMT
server: cloudflare
etag: W/"62e22774-3441a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 31 Aug 2022 01:30:04 GMT
cache-control: public, max-age=2678400
cf-ray: 73329112d816698f-FRA
cf-bgj: minify

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 87ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee54ef1afbdc76b2fec5a8aa092fd0c220071a5b4ee412ebc7f123b86780d4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28650
x-xss-protection: 0
server: sffe
etag: "1289 / 665 of 1000 / last-modified: 1659132347"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Jul 2022 01:30:04 GMT

GET
H2 200 qgraph.73ad50a3dfb780a32ec4.js Show response
cdn.qgr.ph/ 1015 B
991 B 45ms
11ms Script
text/javascript 65.9.66.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qgr.ph/qgraph.73ad50a3dfb780a32ec4.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 258244a42788eab80744e7ad1ee234f8fd7dcb2680189d02c93c33db9f5e2e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: XRu3PvXk450ku7eIFKMaSUGL3gOL3k2V
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 08:29:48 GMT
server: AmazonS3
age: 3595
etag: W/"2ddc12a1f839ee3f11d169d7ecc73ab4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
date: Sun, 31 Jul 2022 00:30:10 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: NiHLm7XgdaODzajy7o9IKvkztJWEvlVRB_M6NhXUYxVcUWcxt55-ag==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
49 KB 66ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TN82RP9

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12d3107d37f7fc791f9f9f1577064060f60f06cc7e4870a6d81652762316c74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49780
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Jul 2022 01:30:04 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 30ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d35b0a7c4239b58fce4228835ef69328907b86e5e2b2f207fdfd85967d7d16b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0fwJngQ2ThrVnTP3sfmu2w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 6ePOD9qXOsUw81ktAerKhLI1Z62CHXidrIm27IAcqgl0dCAtOJEVbF7QpYIunBDy3QO3O2QSc/XUGW5K634Maw==
x-fb-trip-id: 686109401
x-fb-content-md5: bd6d2ed3f0cafadc46b6564d44211ef4
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 31 Jul 2022 01:30:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c48be135b76971a1acb5d8d8741030cd"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 31 Jul 2022 01:45:43 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 63ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:04 GMT
Content-Encoding: gzip
Age: 668
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29212
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:07:06 GMT
Server: ECS (frb/6723)
Etag: "3b16e031477759af620cd0de990c6783+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3 200 newspaper.woff
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/images/icons/ 15 KB
15 KB 20ms
20ms Font
font/woff 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/images/icons/newspaper.woff?14
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7375f568ea439c4f544ac6488b963a8d57d6cd65b0a8a551230d330e55483f

Request headers

Referer: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Origin: https://www.matichonweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 622
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15184
pragma: public
last-modified: Tue, 29 Dec 2020 11:16:35 GMT
server: cloudflare
etag: "5feb1013-3b50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctaHIKp6DgsyY9QmhlOMUJ%2Bi4miITye1AMwLLIyUifQtlpESzhQD5SiTSK%2FUEweyE%2FySBe8uKEyuTrEygtLdLOg4wVqC08q6cdGVUj1AneY9HtwZxJVaVG2sFeZtnWSuHMcZi14UaoW8bwt6VhsyHjmVE3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73329112eec59152-FRA

GET
H3 200 thsarabunnew-bold.woff2
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/includes/fonts/ 24 KB
25 KB 849ms
849ms Font
font/woff2 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/includes/fonts/thsarabunnew-bold.woff2
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8e4803f10ffe472af238b835964e6d6031eda6383aade8113297c7038915006

Request headers

Referer: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Origin: https://www.matichonweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24844
pragma: public
last-modified: Tue, 29 Dec 2020 11:16:35 GMT
server: cloudflare
etag: "5feb1013-610c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrDuqHrDUlEQeWLjVgJWNhxud14%2BgBdUxFfL0cSCXQCle8IQSz0Auch2Do63dkOzst4PiXEo6ydbQhc1ixPqrULPs3E483V8ggSSQsVjXnpBbvwarD8kkmbLncTWezg1bR24uLk8lFnFtU%2FYGIyKXzkr72w%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73329112eec79152-FRA

GET
H3 200 thsarabunnew.woff2
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/includes/fonts/ 24 KB
25 KB 878ms
878ms Font
font/woff2 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/includes/fonts/thsarabunnew.woff2
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05e360f2c3667bbad4d17ff01852dd8ec11532ace3d9f9e3c3e43b62ff5705e1

Request headers

Referer: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Origin: https://www.matichonweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24964
pragma: public
last-modified: Tue, 29 Dec 2020 11:16:35 GMT
server: cloudflare
etag: "5feb1013-6184"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVOcMQMHdfReqPl%2FinfSyGp7cgVhrQ1bsLH8uC3lmsByrSrEDlPcAO68oux9kUocZcoYZQtdvi9bG6u1FmbJhS%2Fb%2F%2B%2FnJtAsiWnwcwkBGT7T%2FDGzFAwAqybvaxzLTPWN%2Bygm6LWH2s7oaj3%2FjQnhTdLXjrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73329112eec89152-FRA

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ud-matichonweekly-icon.ttf
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/images/ud-icon/ 19 KB
20 KB 19ms
19ms Font
application/octet-stream 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/images/ud-icon/ud-matichonweekly-icon.ttf?1i9xsa
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91cf4bb532d484a0cb2118052070f44c1104b73332f2095ce14c70cac7dda203

Request headers

Referer: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Origin: https://www.matichonweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 621
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19704
pragma: public
last-modified: Tue, 29 Dec 2020 11:16:35 GMT
server: cloudflare
etag: "5feb1013-4cf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRNXUByhVVGnflRQ5pFgmqh1ffvFYhwYM4LYftNt9gN8KXGKC1UwIrIBRKZkIKLYDKWn%2FmamBUl3NYV6LaQwuHs%2B6chjNglV%2BJ8VZr%2B2dySFAIYvkjsgaudkwhrZwjtxuS%2BT2XIlEpt7g4tXqs%2BM4Cp6Odg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 733291132ef89152-FRA

GET
H3 200 newspaper-icons.woff
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/images/icons/ 6 KB
6 KB 873ms
873ms Font
font/woff 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/images/icons/newspaper-icons.woff?1
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

Referer: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Origin: https://www.matichonweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5956
pragma: public
last-modified: Tue, 29 Dec 2020 11:16:35 GMT
server: cloudflare
etag: "5feb1013-1744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOurPs9%2B3BY5w2Vwe2SUqL%2BiKgYHXbf2VmqyB8osNHmuUimVFfnY6pIwXgXPoUr99qqfvOOcNbD49qrmiErOG2wrgDhhFq6Kqmh8XB5YoF6PpwAWVv%2BlowQlRX5VdsSwFJ14eSR%2BtGKIMBQYL%2FQ3Y4ml1F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 733291132efc9152-FRA

GET
H3 200 thsarabunnew-bold-italic.woff2
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/includes/fonts/ 26 KB
27 KB 20ms
20ms Font
font/woff2 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/includes/fonts/thsarabunnew-bold-italic.woff2
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df87dd4398d992cba646bc40217e27c5843b946250208fa21e09b4be3ebe7859

Request headers

Referer: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Origin: https://www.matichonweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27088
pragma: public
last-modified: Tue, 29 Dec 2020 11:16:35 GMT
server: cloudflare
etag: "5feb1013-69d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52wkFVietW4MyArZR%2Be4Ft4i2KzKjGqCVzjAEnnTC%2BSwnFCFjWF4dt5ND6V3dKt2uCx8ZqMdTcmaRph67v1ZoWVfNgoDNQ8RqYrXnZO3sZkvJL2e1%2BKQmcIKIgOwscBfpfdyiJjmFuiYb7UiZ8qDXWk0NYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 733291133f109152-FRA

GET
H3 200 ud-social-icons.woff
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/images/icons/ 3 KB
3 KB 859ms
858ms Font
font/woff 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/images/icons/ud-social-icons.woff?12
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06716b096a061583b1edf34d5d429cdb328cd0ddfac171046d493b61639f6a11

Request headers

Referer: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Origin: https://www.matichonweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2884
pragma: public
last-modified: Tue, 29 Dec 2020 11:16:35 GMT
server: cloudflare
etag: "5feb1013-b44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cM445I0qhLxugnzS7cBtuYLRs2X78k7aOmoCzrCD%2BCPn140ex29es9RtJWYW0FUAovme%2FhZHjp%2Fn7ckSw2F7Wa6qy2OSQw1KtFteZzQw%2BTmLkc2JlIHZ%2FDmus5R91vvh9bxqAjlnV2sLPDBKdxYBQGKG3%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 733291136f229152-FRA

GET
H3 200 thsarabunnew-italic.woff2
www.matichonweekly.com/wp-content/themes/matichonweekly-theme/includes/fonts/ 27 KB
27 KB 16ms
16ms Font
font/woff2 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/includes/fonts/thsarabunnew-italic.woff2
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 415920fe1cb28c3b147ab7fba8a7a24866b8f5e4b65f2df8138486f9f8c221e1

Request headers

Referer: https://www.matichonweekly.com/wp-content/themes/matichonweekly-theme/style.css?ver=1656231799
Origin: https://www.matichonweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 621
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27204
pragma: public
last-modified: Tue, 29 Dec 2020 11:16:35 GMT
server: cloudflare
etag: "5feb1013-6a44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbPDpLCmzI3pRWTC%2BS%2F0JrMGsy5lEKP6lJ2ahur99yRTl3IEmW1Xeq67l%2FQihbViE0ViVpXsNeTmPO%2FIsY8KIg1fDPm8TPrK2CnlA9wN0f3sUZblzXoxwmSiZws7SVGPWmZYhZUNt7HV8zxIQMrF9kQAgcU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=1800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 733291137f2c9152-FRA

GET
H/1.1 200
OK bundle.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ 273 KB
76 KB 9ms
8ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85193287223bd2dbecfa6fc801d040ce3648b1932ced4cdcda733a714ea92ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR62-C3
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 77019
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Thu, 28 Jul 2022 08:07:07 GMT
Server: AmazonS3
ETag: W/"23bbaa57a323557c9934fb615f3794d1"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: hz301xeW5uUWJ0lRFAgLD01oHb2k2fHeK-tWOYC9fJidTSoAyUuN8g==

GET
H/1.1 200
OK matichonweekly_th.js Show response
api.popin.cc/searchbox/ 211 KB
48 KB 1024ms
509ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/matichonweekly_th.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: e15da45d5cba0ab4632c82da75b5a2c19336715e3543f8a80d615937bfad60e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jun 2022 09:38:48 GMT
Server: nginx
ETag: W/"580a0794c5373681293ac88f85dd9d13"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
x-amz-version-id: JX94PA1l_wkAHBeRMK.0Uf0YpLYIHdLH
Expires: Sun, 31 Jul 2022 02:30:05 GMT

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 108 KB
34 KB 55ms
8ms Script
application/javascript 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: a815319861beaab11efcbd20da38cd0c8e9bcc30f6640bc62b49ba4f7d3d146d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 7Q2p_QtXcOAbViUOr1.y1oiNujSTQiCw
Content-Encoding: gzip
Last-Modified: Tue, 19 Jul 2022 00:09:22 GMT
Server: nginx/1.20.0
x-amz-request-id: 5FHFVV5X7G7T4NE0
ETag: "e37b164e518eeb1c8cc3bcce8f24f479"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=51006
Date: Sun, 31 Jul 2022 01:30:04 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34675
x-amz-id-2: qqAtUnd3JvkYnHhKw57lCN9QcLfVPBHr5PfnRi38TzPtszwg5O40tLRWvtl9WcYM0ch5DCh8d8o=

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 295 KB
84 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=5df463dd6ac4861b7c924430bd1c3d45

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20a2be099fb65cf89afe84219ba9a65a4673114965d81313809f156860838273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.matichonweekly.com/
Origin: https://www.matichonweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IsqNvu0PnJCvnkSrtHCdCw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86306
x-fb-rlafr: 0
x-fb-debug: a/PjT+3QKlkZqTTNIUC6qhWZWb+USyzfEjORDwWTJA9QUf9yZisyPsp8kVsW6GXzkf9eNFsgM/ruK8gWp5g5gA==
x-fb-content-md5: 0092965e4c9f27ecbb358906d7416545
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 31 Jul 2022 01:30:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8cfe638f8a3035c0b100372ec490c38d"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 31 Jul 2023 00:37:24 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 5F4E 4 KB
1 KB 15ms
14ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1436924
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 7332911418d7698f-FRA
content-encoding: br
content-type: text/html
date: Sun, 31 Jul 2022 01:30:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 31 Aug 2022 01:30:04 GMT
last-modified: Tue, 05 Apr 2022 12:00:20 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 t0031762.js Show response
lvs2.truehits.in.th/dataa/ 10 KB
10 KB 1353ms
243ms Script
application/x-javascript 203.150.243.253
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs2.truehits.in.th/dataa/t0031762.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.150.243.253 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 253.243.150.203.sta.inet.co.th
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1303913fe03f778d4a176109e258c31993f56a79ec1ac840d6d0d34ddc43f3fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
last-modified: Sun, 31 Jul 2022 01:29:00 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
cache-control: max-age=180
content-type: application/x-javascript
content-length: 10036
expires: Sun, 31 Jul 2022 1:33:06 GMT

POST
H2 200 save Show response
stat.matichon.co.th/matichonweekly/ 73 B
222 B 598ms
201ms XHR
application/json 27.254.32.27
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.matichon.co.th/matichonweekly/save
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.32.27 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: nginx / Express
Resource Hash: af2b2ef1a591daa094704cb74bf4c4c5b29ed76fc02ff547b47b14e624a0b35d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:05 GMT
server: nginx
x-powered-by: Express
etag: W/"49-zC7nRrTCVt4s9AxiGDolKw"
content-length: 73
content-type: application/json; charset=utf-8

GET
H2 200 aiqua.js Show response
cdn.qgraph.io/v3/r/ 368 KB
107 KB 737ms
688ms Script
application/javascript 143.204.215.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qgraph.io/v3/r/aiqua.js
Requested by: Host: cdn.qgr.ph
URL: https://cdn.qgr.ph/qgraph.73ad50a3dfb780a32ec4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-50.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efd2b206db6071e9ce6f80eebef5e7161de7804ba2de18d29d80923651ac02db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 02:08:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"1de82292f2ff5a569aaec30830cb12ac"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: _A8QQcbVoyj-MQnQuXXTFISiFq_Qf62339ukNhBbWHMdhs-KmwdNMA==

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207250101/ 341 KB
121 KB 92ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1354716955228626&plah=www.matichonweekly.com&bust=31068638

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

371b8a95c0ae58615c94d11533eed39bb3a273213338c6096cbaaafa5ba3452b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123396
x-xss-protection: 0
server: cafe
etag: 6176932419322183742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 31 Jul 2022 01:30:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/ Frame F8DC 10 KB
5 KB 58ms
23ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Jul 2022 18:59:32 GMT
etag: 8616628553774171045
expires: Sat, 13 Aug 2022 18:59:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_2022072702.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
130 KB 87ms
15ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

d2552b5a5b1d8d9b480866377443816318a135709b83b2e4009219d6dd082fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 21:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132574
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 20:59:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 28 Jul 2023 21:57:29 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 275 B
788 B 93ms
22ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.matichonweekly.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ca8912d156188fe98bd0c2b0028df379e9c414975a4742aa98a644ee76e048e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152
x-xss-protection: 0
expires: Sun, 31 Jul 2022 01:30:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
71 KB 61ms
32ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MHT6T7VS95&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN82RP9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c9ed1a1966e70ffe80b49fb84d8c6ff14b0a04a0bae5bb2f7a8b16699f0da98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72998
x-xss-protection: 0
expires: Sun, 31 Jul 2022 01:30:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 60ms
24ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN82RP9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1684
date: Sun, 31 Jul 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 31 Jul 2022 03:02:00 GMT

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ 40 KB
13 KB 37ms
8ms Script
application/javascript 99.86.1.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-145.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 25 May 2022 05:06:31 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 5775814
ETag: W/"e63788b8657ac52b3cdbb970e551c2a4"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: EqZ21wpMyXpqqAmDXOljL3GcMxw8i9IbUcNjUuEF1xNeo5Y3Ur0etw==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 373 KB
125 KB 89ms
26ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127179
x-xss-protection: 0
expires: Sun, 31 Jul 2022 01:30:05 GMT

GET
H2 200 3001653 Show response
hdrbd.ivstracker.net/hbplacementsservices/ 343 KB
103 KB 87ms
24ms Script
text/javascript 2600:9000:214f:b800:1a:f2c5:bfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001653
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b800:1a:f2c5:bfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 729887ed0703aa2603f43696e7512e459899961b4f0d2b7a5ed86cdbc134f662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:19:47 GMT
content-encoding: gzip
age: 618
x-amzn-requestid: 818421ec-c461-4ff1-85db-a89ca172b0c3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
cache-control: private, max-age=600
x-amzn-trace-id: Root=1-62e5d8b2-3c6b55b6568fec8169f97076;Sampled=0
x-amz-cf-pop: FRA53-C1
x-amz-apigw-id: WG7L-FfmSQ0FsyQ=
x-amz-cf-id: nS4yZ-JiaaG1hhdrggTiz_v0WjoIiCgH3cch9M0KSZzgt43jkYFeiw==

GET
H2 200 sync.html Show response
cdn.aralego.net/ucfad/cookie/ Frame C602 2 KB
1 KB 39ms
13ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 4052
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 733291153c70927f-FRA
content-encoding: br
content-type: text/html
date: Sun, 31 Jul 2022 01:30:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 16 Dec 2020 08:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8ag%2F5PqNMmuq16z%2Bzrjt9mCwwPAZMvjDVWhgdTT7HbfgswpXfAEnEusjGjSjXdLfMT6UDhZ%2FAGiJ0plR%2BTj9P8IfnhLXQDz7cBBOTxblhzboQZ8DwusivVXDjoOyVHt4%2BbJtDLwMf394vwbFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK moat-tracker.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/assets/ 1 KB
1 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/assets/moat-tracker.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 782
Last-Modified: Thu, 28 Jul 2022 08:07:07 GMT
Server: AmazonS3
ETag: W/"e487166610c7a5ecb4bb060d5a795b49"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: 1yYTe9taUHdeZEoUOC-H9E6G9sGY7nu6WFGEGIo_MkhmDqIB7kbaew==

GET
H2 200 vtt.min.js Show response
cdn.jsdelivr.net/npm/videojs-vtt.js@0.15.3/dist/ 21 KB
8 KB 31ms
14ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-vtt.js@0.15.3/dist/vtt.min.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37fb546f8426b457a1ad6fa0f6eef42a199837d34d79cd3c4df1162c2c19abd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9904914
x-jsd-version: 0.15.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19121-FRA, cache-hhn4020-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"52b8-ZERYoLNRSfBtBHiszm8New/vvZs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8wb8JX8mKdbW%2FyjTrq%2BGr9a%2FV%2BBNIArnh1bqVHph%2F5CgMzIoVV9tfATTjzNDW%2BgTBIW81SyLO64rW0XTAe%2Fj2h1c7Zy2d62u1zsFQMxA%2FhYLjVpO1ydi36WpSigzV3Gc3cmTiEBsL%2F4kTMwQAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 733291153ddc9c01-FRA

GET
H2 200 hls.js@0.12.4 Show response
cdn.jsdelivr.net/npm/ 247 KB
70 KB 26ms
20ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@0.12.4

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0290f0d61a6b94aca37bd874640ee172d86ec3743f3c0a611063036261074f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11376502
x-jsd-version: 0.12.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19152-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"3dcd4-US0fJerQjQ10uxkkIHnJSLvClac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FL5dtsiYXymtBlj9ZKUgQDCxtvCCz5Ta5KT%2FI7RB9qbqeA61olMSo7vOFZLzY0ofW5NGHdTDEQfsR%2Fz%2BMe3nv0KA3NSSdlwuLNtqSXHRlrUW6mCC0KzJ6PQ3iQFL8NHmt5Dr%2BymcqPlQUWpIc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 733291153ddd9c01-FRA

GET
H2 200 adbc5a6e-2085 Show response
ivxplayer.ivideosmart.com/prod/widget/ 12 KB
4 KB 1172ms
1123ms XHR
application/json 2600:9000:206f:a000:15:a80b:45c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivxplayer.ivideosmart.com/prod/widget/adbc5a6e-2085?key=5195f41989603b78a4b50011ed874e8c&playertype=IVSN&title=%E0%B8%9A%E0%B8%81.%20%E0%B8%9B%E0%B8%AD%E0%B8%A8.%E0%B8%9E%E0%B8%9A%20%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B9%81%E0%B8%9A%E0%B8%9A%E0%B9%83%E0%B8%99%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%AF%20WFH%20%E0%B9%83%E0%B8%8A%E0%B9%89%E0%B8%8B%E0%B8%AD%E0%B8%9F%E0%B8%95%E0%B9%8C%E0%B9%81%E0%B8%A7%E0%B8%A3%E0%B9%8C%E0%B8%9C%E0%B8%B4%E0%B8%94%E0%B8%81%E0%B8%8E%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2!&canonicalUrl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:15:a80b:45c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 3b5fa673e9895df434c74682bf5558e84bb22b07b040dfeb10e23d9d1d26d049

Request headers

Accept: application/json
Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
x-cache: Miss from cloudfront
pragma: no-cache
access-control-allow-origin: https://www.matichonweekly.com
etag: W/"2fd6-rTq9fXL9iR1/PmzmBJlBDTtqgvg"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control: private, no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
x-robots-tag: none
x-amz-cf-id: L4COojg8fHXW-aaNDU62-TE4FUlmMQah09G3kTYx24uWZm5cbvOngw==
expires: 0

GET
H/1.1 200
OK pixel.gif
player.ivideosmart.com/ivsplayer/v4/dist/assets/ 43 B
603 B 9ms
8ms Image
image/gif 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/assets/pixel.gif
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:05 GMT
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Content-Length: 43
Akamai-Mon-Iucid-Del: 1125181
Last-Modified: Thu, 28 Jul 2022 08:07:07 GMT
Server: AmazonS3
ETag: "325472601571f31e1bf00674c368d335"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Amz-Cf-Id: KM-ZWJjatSEDZ6x5lmlhuMq_oqBEiZMtWm5xD2Hlu85U__UGAgQ5Vw==

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1
https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=4e2168a6-1070-11ed-9051-153cf9b00406

0
587 B

15ms
14ms

Image
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=4e2168a6-1070-11ed-9051-153cf9b00406
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Sun, 31 Jul 2022 01:30:05 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 7
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Sun, 31 Jul 2022 01:30:05 GMT
Server: nginx
Location: /partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=4e2168a6-1070-11ed-9051-153cf9b00406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 122
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ 482 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fcb57eb9682bc01ed2a77c8bffe1a5f1c5ab42a20993c4b2e9b729755e3b628

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1a61e7dae81abe461f7c8d4d09ec5bd2009ac94447971e585f7b120b021ae8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d3b2814d7b7f2c2aaac48e0636bba02ae086ca9aca2b04d0d9fa7576b75f5fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 949 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed02212bdc9d93554d8645301fb1b7123480302e0492e770bb43c8e13e7b75b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f51166899f96e582bc10b3361c7452d1b54eb4be542b1ae61dc3c57c567c20e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 532 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80e112f302dc9e0e4167ec6030a7be016734cbddf0fbcb5bad8476b5290ec39f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/matichonweekly.com/ 714 B
1 KB 1187ms
313ms Script
text/javascript 13.209.232.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/matichonweekly.com/prefs2?cached_uid=&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.209.232.2 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-209-232-2.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

4850ec6cee6505f8dcbba89fe5ae7c2625b53dd4f9362541d0804ee5f0594b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
etag: W/"2ca-TI/zqRyXw4myLZIVSpoXDo67TH8"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 24
Connection: keep-alive
Content-Length: 397

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 29ms
10ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=930911267030013&ev=fb_page_view&dl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&rl=&if=false&ts=1659231005033&sw=1600&sh=1200&at=

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 31 Jul 2022 01:30:05 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 53ms
23ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/72dba841-a232-41b6-9192-77c6056db5e2/plugin.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

e432b5ad48c1acacf7359218e84c15a30768307b293f70b50a2b2891c312733c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28387
x-xss-protection: 0
server: sffe
etag: "1289 / 118 of 1000 / last-modified: 1659132299"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Jul 2022 01:30:05 GMT

GET
H2 200 prebid6.4.0.js Show response
get.optad360.io/sf/ 502 KB
153 KB 8ms
7ms Script
application/javascript 2600:9000:206f:9600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid6.4.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/72dba841-a232-41b6-9192-77c6056db5e2/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 429a25d8eef1001e6b06d1317d40331da3fe5c1ed171bdc591749d8a946385e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 10:02:07 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 07:56:34 GMT
server: AmazonS3
age: 1006079
etag: W/"f79e8232dcdfa0bc6f53d82547ba9986"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Gjrnr4M_OY-t8AVwcbluHeMtscL3JBzub8QzKO9rI1zCsDLGXhk3-w==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
421 B 22ms
21ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.matichonweekly.com&callback=_gfp_s_&client=ca-pub-1354716955228626

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1354716955228626&plah=www.matichonweekly.com&bust=31068638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

09293705618c6bed98e82622b9fae2ee50f0d1c9c5e10249e073529b98587af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 68ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.matichonweekly.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 60ms
24ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.matichonweekly.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 57D0 10 KB
4 KB 146ms
117ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354716955228626&output=html&adk=1812271804&adf=3025194257&lmt=1659231005&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659231004871&bpp=2&bdt=1608&idt=180&shv=r20220727&mjsv=m202207250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7266885146716&frm=20&pv=2&ga_vid=894751020.1659231005&ga_sid=1659231005&ga_hid=1021787086&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C44761793%2C31068638%2C42531605&oid=2&pvsid=2341100944955711&tmod=618209250&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37f71b3323ce1a46333b0bc8dbc8ca5d032e99f28c12d4adc6afc670bcce57df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4506
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:05 GMT
expires: Sun, 31 Jul 2022 01:30:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
20ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1021787086&t=pageview&_s=1&dl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ul=en-us&de=UTF-8&dt=%E0%B8%9A%E0%B8%81.%20%E0%B8%9B%E0%B8%AD%E0%B8%A8.%E0%B8%9E%E0%B8%9A%20%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B9%81%E0%B8%9A%E0%B8%9A%E0%B9%83%E0%B8%99%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%AF%20WFH%20%E0%B9%83%E0%B8%8A%E0%B9%89%E0%B8%8B%E0%B8%AD%E0%B8%9F%E0%B8%95%E0%B9%8C%E0%B9%81%E0%B8%A7%E0%B8%A3%E0%B9%8C%E0%B8%9C%E0%B8%B4%E0%B8%94%E0%B8%81%E0%B8%8E%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2!%20-%20%E0%B8%A1%E0%B8%95%E0%B8%B4%E0%B8%8A%E0%B8%99%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=608552253&gjid=913922594&cid=894751020.1659231005&tid=UA-51245873-4&_gid=232450102.1659231005&_r=1&gtm=2wg7r0TN82RP9&cg1=hot-news&cg2=none&cd2=hot-news&cd3=none&cd4=%E0%B8%9A%E0%B8%81.%20%E0%B8%9B%E0%B8%AD%E0%B8%A8.%E0%B8%9E%E0%B8%9A%20%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B9%81%E0%B8%9A%E0%B8%9A%E0%B9%83%E0%B8%99%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%AF%20WFH%20%E0%B9%83%E0%B8%8A%E0%B9%89%E0%B8%8B%E0%B8%AD%E0%B8%9F%E0%B8%95%E0%B9%8C%E0%B9%81%E0%B8%A7%E0%B8%A3%E0%B9%8C%E0%B8%9C%E0%B8%B4%E0%B8%94%E0%B8%81%E0%B8%8E%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2!%20-%20%E0%B8%A1%E0%B8%95%E0%B8%B4%E0%B8%8A%E0%B8%99%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C&cd5=10&cd6=2022-06-07&cd7=15%3A29%3A53&cd8=563338&cd9=0&cd1=894751020.1659231005&z=1726888065

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.matichonweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame C602 35 B
413 B 388ms
95ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?
Requested by: Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:05 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

POST
H3 202 / Show response
sessions.bugsnag.com/ 21 B
34 B 176ms
149ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.matichonweekly.com/
Bugsnag-Sent-At: 2022-07-31T01:30:05.102Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: d8159a054cd65b74a1526fcdef9c719c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 181ms
147ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://www.matichonweekly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 31 Jul 2022 01:30:05 GMT
via: 1.1 google

POST
H2 204 collect
region1.google-analytics.com/g/ 0
352 B 47ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MHT6T7VS95&gtm=2oe7r0&_p=1021787086&_z=ccd.v9B&cid=894751020.1659231005&ul=en-us&sr=1600x1200&_s=1&sid=1659231005&sct=1&seg=0&dl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&dt=%E0%B8%9A%E0%B8%81.%20%E0%B8%9B%E0%B8%AD%E0%B8%A8.%E0%B8%9E%E0%B8%9A%20%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B9%81%E0%B8%9A%E0%B8%9A%E0%B9%83%E0%B8%99%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%AF%20WFH%20%E0%B9%83%E0%B8%8A%E0%B9%89%E0%B8%8B%E0%B8%AD%E0%B8%9F%E0%B8%95%E0%B9%8C%E0%B9%81%E0%B8%A7%E0%B8%A3%E0%B9%8C%E0%B8%9C%E0%B8%B4%E0%B8%94%E0%B8%81%E0%B8%8E%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2!%20-%20%E0%B8%A1%E0%B8%95%E0%B8%B4%E0%B8%8A%E0%B8%99%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHT6T7VS95&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.matichonweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 169 KB
22 KB 230ms
229ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2341100944955711&correlator=2703789137052428&eid=31068457%2C31068707%2C31068366%2C44769827%2C42531605&output=ldjh&gdfp_req=1&vrg=2022072702&ptt=17&impl=fifs&iu_parts=160091690%2Cmtw_leaderboard%2Cmtw_inArticle%2Cmtw_inarticle1%2Cmtw_post_336x280_b2%2Cmtw_post_336x280_b6%2Cmtw_sticky&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%2C336x280%7C336x300%7C300x250%7C1x1%2C300x250%7C336x280%7C336x300%2C336x280%7C300x250%7C300x600%7C160x600%7C120x600%2C336x280%7C300x250%7C1x1%2C728x90%7C970x90&ifi=2&adks=643394631%2C37205150%2C748171086%2C546588198%2C4020137249%2C583376598&sfv=1-0-38&ecs=20220731&fsapi=false&cust_params=post_id%3D563338%26post_name%3D%2525e0%2525b8%25259a%2525e0%2525b8%252581-%2525e0%2525b8%25259b%2525e0%2525b8%2525ad%2525e0%2525b8%2525a8-%2525e0%2525b8%25259e%2525e0%2525b8%25259a-%2525e0%2525b8%252599%2525e0%2525b8%2525b1%2525e0%2525b8%252581%2525e0%2525b8%2525ad%2525e0%2525b8%2525ad%2525e0%2525b8%252581%2525e0%2525b9%252581%2525e0%2525b8%25259a%2525e0%2525b8%25259a%2525e0%2525b9%252583%2525e0%2525b8%252599%2525e0%2525b8%252581%2525e0%2525b8%2525a3%2525e0%2525b8%2525b8%26post_title%3D%25E0%25B8%259A%25E0%25B8%2581.%2520%25E0%25B8%259B%25E0%25B8%25AD%25E0%25B8%25A8.%25E0%25B8%259E%25E0%25B8%259A%2520%25E0%25B8%2599%25E0%25B8%25B1%25E0%25B8%2581%25E0%25B8%25AD%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2581%25E0%25B8%259A%25E0%25B8%259A%25E0%25B9%2583%25E0%25B8%2599%25E0%25B8%2581%25E0%25B8%25A3%25E0%25B8%25B8%25E0%25B8%2587%25E0%25B9%2580%25E0%25B8%2597%25E0%25B8%259E%25E0%25B8%25AF%2520WFH%2520%25E0%25B9%2583%25E0%25B8%258A%25E0%25B9%2589%25E0%25B8%258B%25E0%25B8%25AD%25E0%25B8%259F%25E0%25B8%2595%25E0%25B9%258C%25E0%25B9%2581%25E0%25B8%25A7%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B8%259C%25E0%25B8%25B4%25E0%25B8%2594%25E0%25B8%2581%25E0%25B8%258E%25E0%25B8%25AB%25E0%25B8%25A1%25E0%25B8%25B2%25E0%25B8%25A2!%26post_type%3Dpost%26category%3Dhot-news&sc=1&cookie_enabled=1&abxe=1&dt=1659231005170&lmt=1659231005&dlt=1659231003264&idt=1872&adxs=250%2C446%2C464%2C1004%2C1004%2C436&adys=257%2C2419%2C3076%2C587%2C1263%2C1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C0%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&frm=20&vis=1&psz=728x0%7C694x26%7C694x0%7C356x0%7C356x0%7C1600x-1&msz=728x0%7C694x0%7C694x0%7C356x0%7C356x0%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=894751020.1659231005&ga_sid=1659231005&ga_hid=1021787086&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

53199b27b4586638855e2056af4053c91c1b8a817a63dfdd660625655b4d81f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22146
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.matichonweekly.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A21 6 KB
4 KB 83ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:05 GMT
expires: Mon, 31 Jul 2023 01:30:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51245873-4&cid=894751020.1659231005&jid=608552253&gjid=913922594&_gid=232450102.1659231005&_u=YAhAAEAAAAAAAC~&z=1632305894

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 31 Jul 2022 01:30:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.matichonweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 25ms
14ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220731

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.4.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

367770ecadfdefb26a0c19a356b689ff45180e85c628c45f76878f090ac3cd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 37747
x-jsd-version: 1.0.1417
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19182-FRA, cache-iad-kiad7000106-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"668-s9wZQprrcWLlJR6ZP2J3eVDp7dQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXyN3NCG%2BoESyWWApogd%2FhkPtgv3lTX6smXve8UPIvcc%2Fi7xFRUgjl3MMH3gjm2jTWqmWJ52yvCQpBLppfSSmOQUsBQlezyX6o7ovuqJqAh2e9Fj%2FyQeC7%2BSVHvWGN2Aa85iK7YUAlVA6M9UUaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73329116feef9bc5-FRA
access-control-expose-headers: *

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 69ms
24ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51245873-4&cid=894751020.1659231005&jid=608552253&_u=YAhAAEAAAAAAAC~&z=1293895732

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 61ms
26ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51245873-4&cid=894751020.1659231005&jid=608552253&_u=YAhAAEAAAAAAAC~&z=1293895732

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C605 6 KB
3 KB 47ms
18ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:05 GMT
expires: Mon, 31 Jul 2023 01:30:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E645 6 KB
3 KB 44ms
19ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:05 GMT
expires: Mon, 31 Jul 2023 01:30:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 116D 6 KB
3 KB 35ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:05 GMT
expires: Mon, 31 Jul 2023 01:30:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E343 6 KB
3 KB 34ms
16ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:05 GMT
expires: Mon, 31 Jul 2023 01:30:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 28A0 6 KB
3 KB 29ms
16ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:05 GMT
expires: Mon, 31 Jul 2023 01:30:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4AC6 6 KB
3 KB 24ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:05 GMT
expires: Mon, 31 Jul 2023 01:30:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html Show response
platform.twitter.com/widgets/ Frame 3296 320 KB
104 KB 8ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwww.matichonweekly.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 189969
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Sun, 31 Jul 2022 01:30:05 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 19 Jul 2022 20:05:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6794)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 50ms
22ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.matichonweekly.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 53ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.matichonweekly.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 416 B
253 B 198ms
198ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2341100944955711&correlator=2703789137052428&eid=31068457%2C31068707%2C31068366%2C44769827%2C42531605&output=ldjh&gdfp_req=1&vrg=2022072702&ptt=17&impl=fifs&iu_parts=160091690%2Cmtw_native_post&enc_prev_ius=%2F0%2F1&prev_iu_szs=330x90&ifi=8&adks=3279967391&sfv=1-0-38&ecs=20220731&fsapi=false&cust_params=post_id%3D563338%26post_name%3D%2525e0%2525b8%25259a%2525e0%2525b8%252581-%2525e0%2525b8%25259b%2525e0%2525b8%2525ad%2525e0%2525b8%2525a8-%2525e0%2525b8%25259e%2525e0%2525b8%25259a-%2525e0%2525b8%252599%2525e0%2525b8%2525b1%2525e0%2525b8%252581%2525e0%2525b8%2525ad%2525e0%2525b8%2525ad%2525e0%2525b8%252581%2525e0%2525b9%252581%2525e0%2525b8%25259a%2525e0%2525b8%25259a%2525e0%2525b9%252583%2525e0%2525b8%252599%2525e0%2525b8%252581%2525e0%2525b8%2525a3%2525e0%2525b8%2525b8%26post_title%3D%25E0%25B8%259A%25E0%25B8%2581.%2520%25E0%25B8%259B%25E0%25B8%25AD%25E0%25B8%25A8.%25E0%25B8%259E%25E0%25B8%259A%2520%25E0%25B8%2599%25E0%25B8%25B1%25E0%25B8%2581%25E0%25B8%25AD%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2581%25E0%25B8%259A%25E0%25B8%259A%25E0%25B9%2583%25E0%25B8%2599%25E0%25B8%2581%25E0%25B8%25A3%25E0%25B8%25B8%25E0%25B8%2587%25E0%25B9%2580%25E0%25B8%2597%25E0%25B8%259E%25E0%25B8%25AF%2520WFH%2520%25E0%25B9%2583%25E0%25B8%258A%25E0%25B9%2589%25E0%25B8%258B%25E0%25B8%25AD%25E0%25B8%259F%25E0%25B8%2595%25E0%25B9%258C%25E0%25B9%2581%25E0%25B8%25A7%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B8%259C%25E0%25B8%25B4%25E0%25B8%2594%25E0%25B8%2581%25E0%25B8%258E%25E0%25B8%25AB%25E0%25B8%25A1%25E0%25B8%25B2%25E0%25B8%25A2!%26post_type%3Dpost%26category%3Dhot-news&sc=1&cookie=ID%3D33a536d5732f4064-2274b6c8e0cd0065%3AT%3D1659231005%3AS%3DALNI_Mb8HvvMuhxWq3IQtU-oZIIZGNiD7A&abxe=1&dt=1659231005560&lmt=1659231005&dlt=1659231003264&idt=1872&adxs=1007&adys=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&frm=20&vis=1&psz=356x644&msz=322x0&fws=4&ohw=1600&ga_vid=894751020.1659231005&ga_sid=1659231005&ga_hid=1021787086&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js?cb=31068707

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

7193880fe91c29a4e6afd3fa256ecb0fa7bdb324573c3a96e9691e8a6671e72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.matichonweekly.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.facebook.com/login/ Frame F987
Redirect Chain

https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=930911267030013&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31b...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D930911267030013%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

147ms
146ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D930911267030013%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31b725af330dc%2526domain%253Dwww.matichonweekly.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.matichonweekly.com%25252Ff116c096251ee9c%2526relation%253Dparent.parent%26container_width%3D322%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmatichonweekly%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=5df463dd6ac4861b7c924430bd1c3d45

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 31 Jul 2022 01:30:05 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: hy2S8BUbJgCUxFcqrs0ODe+J4SQFu78i4+fnjwm51J3up+67AJhQsxb9/cQgN9VYTwgfkYrg6SwV+6WZkTNP1Q==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 31 Jul 2022 01:30:05 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v7.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D930911267030013%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31b725af330dc%2526domain%253Dwww.matichonweekly.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.matichonweekly.com%25252Ff116c096251ee9c%2526relation%253Dparent.parent%26container_width%3D322%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmatichonweekly%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: dA0Zc6jwLQhI9A4F1CMhbnxbzhW1VSCX6sKo3NHAabbuEkASY7NexecoUg6nEMZVkp7Gag1oQy+24nRpNdUY+A==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4AC6 0
0 57ms
56ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8hW_HdvlYqizDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBIoCT9CSWxFu-M5IZUcWtvF8QrX-agbkdnlTdN2HEfmvugsMm8QM9fzgFq83-oJpVdpDNAFPLtDqz2WcQBJGmchHLZNsQ1UjH9z0rZhmV99jhtUmWLwZAm1LTJQlREsBuaNJtfr_yXmRe1meLtnm0H1FsNTxNBwmVy7b5e9d58ksRwIU760KH4QPhZGf9NwZLA-Po6lpdfFfGRBdB7UW3YFggH-oWPubgqCOI14sX1Pk7ee19ywJ81a0qw4ti0WgGfnTRlIBtiRIG1mBfDgpYoY7aGLHFRcASBPT4mk9XqLyHJDRg4zmDlWnJT60d3Xc93XBXpCtav_zAAEOWzUtyt2yyTLaYR-khrd5eangBAGABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEzNTQ3MTY5NTUyMjg2MjYYypQi&sigh=IHxHpzF2fjI&uach_m=[UACH]&cid=CAQSPgCsnQUxswLW5mw8UbURwjTgMiA5yDQehrQ5x3c3ETggoQvTCV8pJgN_4kkkK2QDUR7Vz8f0k_qRlkjFnaaZGAE
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 4AC6 0
0 70ms
15ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kvi0Ed6BMNgFWp2DYgICAAAA2_tJle6YHwB6_UheEBzb5WJhImt1xDrKQeKyqAASAAA&wp=YuXbHQADmagK4GiBAA8IVVmjKq38eUfwl5oosA

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 260139
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D357 162 KB
52 KB 152ms
99ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmagK4GiBAA8IVVmjKq38eUfwl5oosA&u=%7Cicvy%2BNkreb2AP0WwMNQXgDhK3YF5yqPRqRxI9YPFp%2Fg%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4I0A_64YSM0HeTEAVbYfjkwagOn2ee-KscXR3GuaZC9wE0vl9rtksJ8Dc7yiDzy99ixeyYz3KATJ3fJRHDyal0fFijPZDKnfJhwKjLzQJkmo_pbCEzs68oL4yx8t4NLJbI4zF4cocvpuK9AXoqhiG82LD3SN8-wjrvuYaood7rUzwOJ0CKw9epq4E-bSpd18q9GfB5LRaFDAxmlHc7SPtN6ZDLWXbXWJPoxADu1ScPWmeMr9OeSaYNF-FNcz4A8WKha1mWxXcFsEySqCvr9_QNG4PRV7xBCFkcGwFk7VE513VHbmsdNAMe3QV7WY1ji31I2-470PNQVw2yw_iGXOzEPNKzKaXIGLchvbNxCuyIAOrxCt9BXNL3B42_AUdMDVedY4nBUeXDCtbFuMKdZfxVB-DTegSuCAzn2v55vM9Bcsc44yE0U9eLX7oXCQ5uOKvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDiG_HdvlYqizDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBI0CT9CSWxFu-M5IZUcWtvF8QrX-agbkdnlTdN2HEfmvugsMm8QM9fzgFq83-oJpVdpDNAFPLtDqz2WcQBJGmchHLZNsQ1UjH9z0rZhmV99jhtUmWLwZAm1LTJQlREsBuaNJtfr_yXmRe1meLtnm0H1FsNTxNBwmVy7b5e9d58ksRwIU760KH4QPhZGf9NwZLA-Po6lpdfFfGRBdB7UW3YFggH-oWPubgqCOI14sX1Pk7ee19ywJ81a0qw4ti0WgGfnTRlIBtiRIG1mBfDgpYoY7aGLHFRcASBPT4mk9XqLyHJDRg4zmTFeGt7k762Zja2Fijq0LkvbnCrcEdS2vfhWPb8BlfzO8Ax39ahbIFWzgBAGABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FscV1Zaf3AeDaD1ZYYvLTxs0g0w%26client%3Dca-pub-1354716955228626%26adurl%3D

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2a2c0de0d0803440c2508db2390752a397c6dfb8f888ed513972e18c2a1f1829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:05 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KpID-b3kqe6w7UGm5_iY0tudGx_GUiqqzNdxC8yuWJ85G9YTZPNUSTyhu_oBCtbs7yxqudbxYFiEHfNSKgH6dGWTzcp5XL4Lz-ldpluUhdwDkX4to-ymVOGUD_SjheVtu-KnBNr6DTRvs3aKf0UX1r8biUO11OAIp_LiPLPvypTlPM7ZHpu4455W9HvFIh3K6p2xPCzEhrvMa7qvdkFMplLjJ2C78F_8ysacqGEJd3hSJOTLOYg2vKO5Aq_CDOps1N8FsA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 63374857
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 4AC6 3 KB
1 KB 79ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AC6 139 KB
43 KB 64ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658922152796835"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 01:30:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 4AC6 18 KB
8 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4AC6 0
0 54ms
23ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSKkILHceNklwsKW1TsgbM1fqOwmsLIcrky_ntKk3iPTf-EBF8Aykd9tZ0T-pGkzdtukjGI2WQqbQZqX36APlpNgphNA
Requested by: Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4AC6 22 KB
7 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 21:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Jul 2023 21:07:26 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 116D 0
0 53ms
53ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHmBbHdvlYqWzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBJICT9DttmYxnscC3RL6h_FCgcZiZxZpb0toOZZG4uTxZWJKFJ84xnZ8BDgEy-wmnb4mkAtVZAD7fG-dxuZTrDqfwGWObO2zofcQr3yoHI9tD8ecekAm2N7QwwfePWqoezlAxvfJkf2mHKrc5lpC3AaN3_grGeqmx5Js01l2AKTaXB-h7BVXVLM--FVP8VDfQoTbYu6WLY7vVhICLU9-4kTqunO-en29J3wylgFtilSZdsgn2dqmENLdR0RoYRdjXoqi8GA_p3DeDqssCwmSWUC235B9zot4KjZFfTXtvn0w4omBa2g4Fa4JeuJstKyRLAmvslbrKfsb0G0f-b6KRdHqSiYUIGWWmwOH2HCZPcs4j7ZhSOAEAYAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTM1NDcxNjk1NTIyODYyNhjKlCI&sigh=Cgm15YpXbTA&uach_m=[UACH]&cid=CAQSPgCsnQUxswLW5mw8UbURwjTgMiA5yDQehrQ5x3c3ETggoQvTCV8pJgN_4kkkK2QDUR7Vz8f0k_qRlkjFnaaZGAE
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 116D 0
0 60ms
15ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kvi0Ed2BMKwC-gGdg2ICAgAAAA4cdnrhOU0Uev1IXhAc2-VilkYE4wZJlBjHSmEAEgAA&wp=YuXbHQADmaUK4GiBAA8IVeh_LYgHsxBkBbxYQA

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 165713
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2F8E 120 KB
43 KB 110ms
66ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmaUK4GiBAA8IVeh_LYgHsxBkBbxYQA&u=%7CgNMOE4LdLXqnApI2hN%2FFImBd1AzwdeKk8l%2F1qIbtcEM%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl45Kh9Y2SghDXabwdx6ifBMrst4K_FNPK2ekluEuX0ttZocwHxBLNZgB0Xe1lL-7BYuK5p5kw0kW94s5rdg3zwlc_ii7tVg8COp2oA-EVtDgNrafb6m7AGZGs2-ExjUh12g0rIlz8GGS57UuzKEY7TUJXM6FEM9JUBuDusYUKILaZRxXwp-2Om4tN4kDntYUZuksfJ-tLAZb1QTU0Dibu2QOT2QBcVrGkvDtZQqyvs7BOWA6H2pDPUCbwbTObKn8VejONcrDcniHkYRJA0pozYt0vxBN3WkNiDuzfvihnRpEAngdlDolQrmo1iaBz-DtxeEpOBSFr20sMF9R_cVjkC3lyU9YZEkWCAt4VfYBIs86nciLQQXRdTcaDa7NblTWi4omIg8COL6ehVCRjfkuq-aEgtgmD5nAwQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEAvMHdvlYqWzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBJUCT9DttmYxnscC3RL6h_FCgcZiZxZpb0toOZZG4uTxZWJKFJ84xnZ8BDgEy-wmnb4mkAtVZAD7fG-dxuZTrDqfwGWObO2zofcQr3yoHI9tD8ecekAm2N7QwwfePWqoezlAxvfJkf2mHKrc5lpC3AaN3_grGeqmx5Js01l2AKTaXB-h7BVXVLM--FVP8VDfQoTbYu6WLY7vVhICLU9-4kTqunO-en29J3wylgFtilSZdsgn2dqmENLdR0RoYRdjXoqi8GA_p3DeDqssCwmSWUC235B9zot4KjZFfTXtvn0w4omBa2g4Fa4JeuJstKzTLig9Ndl3OkSHxM7PxBhyTMXg_Cw6OOciUz4hKs-HEdO9JTJy9z4BmuAEAYAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0fL5BqIoP-8tATixSJhOd4PQnKzw%26client%3Dca-pub-1354716955228626%26adurl%3D

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1c8056fe7b5300fd52705d5fd42f12b5be946776ab517288d1bcee24559d66c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=h9bgyr3kqe6w7UGmtaAMM3sXj1gyOH7m7fwliNCcBdFeHObe_vC7KMEuX7R_vgtng2nctu8CtjFTi5cEsLr29I_YSmdtkiSMrcSDI8cO5LTwr-DwjSmJkoi8tNQt5aY1Tecu4halsiosRGUpmYeTYUXxS5lBNHqJ7mK4gZTA76z9C46RK0-geyVOi2H8dXf_i66WJmO_pSomtDF9N5ZzHLyS-mliqhflYk4Bta1_QSWu4XaKThL2Lq16Eq0"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 53428391
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 116D 3 KB
1 KB 68ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 116D 139 KB
43 KB 77ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658922152796835"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 01:30:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 116D 18 KB
8 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 116D 0
0 52ms
30ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRr0Av68OpjwFxH8rneNilEUdAmheGRdGy-3dzMgz4rk_IXC34JmeO4_PfN89F-YdWm8Kf2jnPdynlAQ83NenH5egFGGQ
Requested by: Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 116D 22 KB
7 KB 54ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 21:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Jul 2023 21:07:26 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CCD0 0
0 58ms
58ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv0xdHdvlYqezDoHRgQfVkLy4Bei-mJRcoKWzyf0IwI23ARABIABgldKjgrAHggEXY2EtcHViLTEzNTQ3MTY5NTUyMjg2MjbIAQmpAv_reKI4boI-4AIAqAMBqgSXAk_QMHQ6rM_HyNvEsOETL1G_jEaAxEl9ChJnJ1UTrQbDweEPv6SwNNUYu8HIPyQ8GQ1ihU01zdwqfglqzoIuowEIa0s2ECJ-vdUXR3RPZidE1Hk876v7npleX8hb65MWTaq4ZhWMZW8jsi-L0H3egUXrT2BqmqJQLlG1UELnl_NLSeUiythY1-zYduJOw4s6WCe4lyj3lL_sNULF1yc7oU-2CA1Tv4_6WEnNcUJqv4SYptJzERgxw_imH7ULHQEc_RWPhtm0Jrbpdqoz2PO9kqLjPtMKcXjPz7KZO6QqKwlsnpi45xWNDWG0JxH4hg9LDRcQowe4TKgNsafRa0WKkdz4PYTU4QIbcQcj65Cc0Yj_kL_SoL_aKeAEAYAGntrM3dSpt52QAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEzNTQ3MTY5NTUyMjg2MjYYypQi&sigh=ZIZOwnqyyBU&uach_m=[UACH]&cid=CAQSPgCsnQUxswLW5mw8UbURwjTgMiA5yDQehrQ5x3c3ETggoQvTCV8pJgN_4kkkK2QDUR7Vz8f0k_qRlkjFnaaZGAE
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame CCD0 2 KB
2 KB 114ms
28ms Script
text/javascript 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=53578336;rtbwp=YuXbHQADmacK4GiBAA8IVQmdhekVRHnZ6BWgTA;rtbdata=jMNqeDmYZHgaSzoTe8HMNuACDwzsxgSsLSF88KXnFRBY94pk0hMVet6SuHUpcfH_B0Zv1VhWI66OvFbjh7gQ6ufKzgBhh6_DAIjiNGvCUiREZkQGlo2dbo6EVxbDdz9US26aUDwjug3YrsYTr2JOiGoeq4-ZUscP2Myw-FS0YBo-RWxoQJMbwVPjUPNFVW_dBLNIu_zkaMC2u77HrKq3g6nmw8RMAFcHS753wsUDWBO7xqb19ALBAfR0smSI_CFaEcf9rQ6MP4nz9rXqFQxLjR6lrPVpjaIB_G8f7NSXBwg9XkpDYjqXI7ymL2oqizCPcPokOIQ91jzxVt9XrK3hHMN4iOtIBxgX0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C6fOzHdvlYqezDoHRgQfVkLy4Bei-mJRcoKWzyf0IwI23ARABIABgldKjgrAHggEXY2EtcHViLTEzNTQ3MTY5NTUyMjg2MjbIAQmpAv_reKI4boI-4AIAqAMBqgSaAk_QMHQ6rM_HyNvEsOETL1G_jEaAxEl9ChJnJ1UTrQbDweEPv6SwNNUYu8HIPyQ8GQ1ihU01zdwqfglqzoIuowEIa0s2ECJ-vdUXR3RPZidE1Hk876v7npleX8hb65MWTaq4ZhWMZW8jsi-L0H3egUXrT2BqmqJQLlG1UELnl_NLSeUiythY1-zYduJOw4s6WCe4lyj3lL_sNULF1yc7oU-2CA1Tv4_6WEnNcUJqv4SYptJzERgxw_imH7ULHQEc_RWPhtm0Jrbpdqoz2PO9kqLjPtMKcXjPz7KZO6QqKwlsnpi45xWNDWG0JxH4hg9LDRdSoSYq0DCs3Q1wT4Ni6h04WZDeKAg1adHwG-tdGyXhvKdMHQa2g2p6yOAEAYAGntrM3dSpt52QAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_0fKr5EhCtHqvI9c5P7Kmx-NWU1Yg&client=ca-pub-1354716955228626&adurl=

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4b48cb37d94e20dedb73678f26f36367455b3997df408b1f6a59c91938b20b71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1803
expires: -1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame CCD0 3 KB
1 KB 53ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCD0 139 KB
43 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658922152796835"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 01:30:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame CCD0 18 KB
8 KB 40ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CCD0 0
0 38ms
31ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlVeNY6QU1l-x4KxeH9_uX4awtp5a6exwWhgquZ9aQ97r3YFsJpjpRHBsC2YhSVQ25_Ft9-GQZR54j9plp42I_oXF4uQ
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CCD0 22 KB
7 KB 43ms
32ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 21:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Jul 2023 21:07:26 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1D8B 0
0 54ms
54ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_8jwHdvlYqazDoHRgQfVkLy4Bei-mJRcoKWzyf0IwI23ARABIABgldKjgrAHggEXY2EtcHViLTEzNTQ3MTY5NTUyMjg2MjbIAQmpAv_reKI4boI-4AIAqAMBqgSRAk_QjbOTEpcuZyir11qOaaoOsrB67wWvCblv6wPh47C5wWDbc4XaoUBHZhQ42wXmOynx0H9p06GbyZkbZ2KWFnrzh8TvGxC-RZIhTX4j2Jz1cozz34GjhW4-t5s5Xz1PrplNQmecsWAUI33U_O6PPSwKaY6TGcF_dDLm5Pa5ltEYmrbndUHiG0_3tPCy9KMLIpyIU9FBo76PqSOYVCzk3hQjgsB7EvpsX4WjwbAltyVo7kvbHg4LhG8hiOVqw73d8dycRfeSWTEmphmGTHvmjnKlCOaSb0N9RQE1OVPyAW-xq7X4F0h4Dv-LZt2r5hpqhIpVZzvYXwRtbh5eJuPWx6iv9qv3B5gtQEEz_SZZXxVfq-AEAYAGi_eMnI323oB2oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTM1NDcxNjk1NTIyODYyNhjKlCI&sigh=8Y5gH9MC-GI&uach_m=[UACH]&cid=CAQSPgCsnQUxswLW5mw8UbURwjTgMiA5yDQehrQ5x3c3ETggoQvTCV8pJgN_4kkkK2QDUR7Vz8f0k_qRlkjFnaaZGAE
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 1D8B 2 KB
2 KB 105ms
28ms Script
text/javascript 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=54736914;rtbwp=YuXbHQADmaYK4GiBAA8IVRNcumCueU99SoHovQ;rtbdata=jMNqeDmYZHgaSzoTe8HMNl6arq47-yp4WFtVPkKUFOa48WMjzfw3ud6SuHUpcfH_B0Zv1VhWI66OvFbjh7gQ6ufKzgBhh6_DAIjiNGvCUiREZkQGlo2dbo6EVxbDdz9US26aUDwjug3YrsYTr2JOiOMZ3YqXnzHD2Myw-FS0YBo-RWxoQJMbwVPjUPNFVW_dBLNIu_zkaMC2u77HrKq3g9cTvEtvGttzS753wsUDWBO7xqb19ALBAfR0smSI_CFaEcf9rQ6MP4nz9rXqFQxLjR6lrPVpjaIB_G8f7NSXBwg9XkpDYjqXI7ymL2oqizCPcPokOIQ91jy6bQUpVuWVj8N4iOtIBxgX0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CSnKAHdvlYqazDoHRgQfVkLy4Bei-mJRcoKWzyf0IwI23ARABIABgldKjgrAHggEXY2EtcHViLTEzNTQ3MTY5NTUyMjg2MjbIAQmpAv_reKI4boI-4AIAqAMBqgSUAk_QjbOTEpcuZyir11qOaaoOsrB67wWvCblv6wPh47C5wWDbc4XaoUBHZhQ42wXmOynx0H9p06GbyZkbZ2KWFnrzh8TvGxC-RZIhTX4j2Jz1cozz34GjhW4-t5s5Xz1PrplNQmecsWAUI33U_O6PPSwKaY6TGcF_dDLm5Pa5ltEYmrbndUHiG0_3tPCy9KMLIpyIU9FBo76PqSOYVCzk3hQjgsB7EvpsX4WjwbAltyVo7kvbHg4LhG8hiOVqw73d8dycRfeSWTEmphmGTHvmjnKlCOaSb0N9RQE1OVPyAW-xq7X4F0h4Dv-LZt3p5Dv4GBL0C5F5e8KFFd-eQvfcDqKB7n0k9-Psiuwt0T7H4qwzAZC7LeAEAYAGi_eMnI323oB2oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_27F5dhs8ItvP76iFxwKnKY2kXLzA&client=ca-pub-1354716955228626&adurl=

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

52d51ae583fae6bca8d8831f74056c6904b522f2172125e88b38a55731cdfc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1790
expires: -1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 1D8B 3 KB
1 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D8B 139 KB
43 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658922152796835"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 01:30:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 1D8B 18 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1D8B 0
0 30ms
29ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXCM1DGiQsLZWbXxduH1mo69h0ndV7TQL9Q9Ur8t-kF6_aPhubpQOmN4NaiaQI6xpk583WOZ6VqXRSohxMhI6-CK9hPA
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1D8B 22 KB
7 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 21:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Jul 2023 21:07:26 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C605 0
0 54ms
54ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNyosHdvlYqOzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBIkCT9A17GPIgIMXzPoMzHNRIvMEQ55nYgLC2UbbktxSN4IH9WrwYo6JAKZqKv8iznUbv_poG1Q5vUzka0SYxyGxn6n86G4Ho0GW54vlClrYM5KufA1l6jH6zKQ6enKt51wwESzxKhwfSEGLFgb0x8PwGFuUPP1OBKvKJhFSLWQRwlt9kiqiNg_N5gSD_jdfoJD3MJ9Mhh_LUh5c2tJMrs6Nhb9rAVY4tHzj5ChDkcuQQtr6bCQBy-qvYZOWUzKi21WN_YjRpS5Uonp8XnprYVVFWSfVw_wCZ4jg_EUf6cFwiAiqjfl1drvcgG7lJn32XaHShHserw5Dbal7gW6nghKFb1R9rYguauZ5U-AEAYAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTM1NDcxNjk1NTIyODYyNhjKlCI&sigh=OgjW3fOFrek&uach_m=[UACH]&cid=CAQSPgCsnQUxswLW5mw8UbURwjTgMiA5yDQehrQ5x3c3ETggoQvTCV8pJgN_4kkkK2QDUR7Vz8f0k_qRlkjFnaaZGAE
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame C605 0
0 69ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kvi0Ed6BMNgFWp2DYgICAAAAKE_hpE9UsoJ6_UheEBzb5WLFAgmbfPzHG4YCogASAAA&wp=YuXbHQADmaMK4GiBAA8IVW2-bBXN1mDt3tiH9A

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 269306
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 23C9 162 KB
52 KB 119ms
105ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmaMK4GiBAA8IVW2-bBXN1mDt3tiH9A&u=%7CgNMOE4LdLXru7p9QL9qXiUsehgWGCftpsEyufOZkM%2Bg%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4I0A_64YSM0HeTEAVbYfjkwagOn2ee-KscXR3GuaZC9wE0vl9rtksJ8Dc7yiDzy99ixeyYz3KATJ5jUNyNZ-rw2S9QDl3gXX7bAkYetAha2wFwSkjEYjvctyx_NVpiqA4VcBUuYGS3nVz1F1HD_cX8rXyJtWh6XO2R5QSjLKKJu5P6QEosezpD0txk24CaaiBfmdGZMVrvLDkKqTnnqw6to8FBMh6SRmppZeLihk6cbAJ7x45999v3Mo6d437zCTvb8Da-a78jnWc1_H25oQ9BB2iTjc6PO24X8x3xb7UBie6HK9-deEVvEui0Nu6ExcBpOuA9TYzz6IRXBU-eJLxXmRi3ImYBAIejuhvi2166nKCzlFicXbDiCSpNUzcZHmuWW66b6_VS5UJ4_8xn0yWS-y5Ol1pMBFYSwQACHWRls4gmI97D-n6_N1tmDA2LenSJA_li00STC5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEqi1HdvlYqOzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBIwCT9A17GPIgIMXzPoMzHNRIvMEQ55nYgLC2UbbktxSN4IH9WrwYo6JAKZqKv8iznUbv_poG1Q5vUzka0SYxyGxn6n86G4Ho0GW54vlClrYM5KufA1l6jH6zKQ6enKt51wwESzxKhwfSEGLFgb0x8PwGFuUPP1OBKvKJhFSLWQRwlt9kiqiNg_N5gSD_jdfoJD3MJ9Mhh_LUh5c2tJMrs6Nhb9rAVY4tHzj5ChDkcuQQtr6bCQBy-qvYZOWUzKi21WN_YjRpS5Uonp8XnprYVVFWSfVw_wCZ4jg_EUf6cFwiAiqjfk3dJpOB-F5NcJqSQICud3mphpJ26NVmewTSi8jnetjgZCrwGJq7N4zxeAEAYAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2CDi7e1y0aOjZ_qKrrKvlhPzJcvg%26client%3Dca-pub-1354716955228626%26adurl%3D

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

33489265f7d6c34780f85e6297345f70a0643efee718f0b657f1145cb67cb86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=yAeFnr3kqe6w7UGmS9mhe-DEvBzHRc8jGwS6j4DGhiYqBzHdiA6WzDF5PXt4HzklJo4zefjoRYQrtgy4h9JnmeB9nQTs0n0YUjYtyPDwOlRRqzBHENA5T0rtNyoruTDF_3jzX3PmcwgYuaptDR2X6tM_9pLIwNgYz9K6S0-Ci_GMhEthlLtwFHJD1gqWdH6i7hNoHq1ZFTVCZfFoJkkNxHTFn5t-9Ry2ZEMSHPg0F08jk_vL5STQVXG_uAAJyRyjIeXfgA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 72449022
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame C605 3 KB
1 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C605 139 KB
43 KB 54ms
51ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658922152796835"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 01:30:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame C605 18 KB
8 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C605 0
0 31ms
29ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyEIk_Ws0L9UFJUyo8_aJo64oeqv2wAWjPq2OINNd-s4fm1LZW6kHx0OaNIqNqsTI00caXDuM8fF3kg6_a6azqQTaBPQ
Requested by: Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C605 22 KB
7 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 21:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Jul 2023 21:07:26 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E645 0
0 55ms
54ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBL7oHdvlYqSzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBI4CT9DGm0TqyqHXyiWaTUNxiWQRWtB91EeALnxz-UoRUuh1Bi37ok7D_kvb-DW7Wfkef0PsrQHLc3dKlEWv0BydVIrlTiepKEo-bveka9MpyUKbowBlYbfznRDJYXWn-pXnws2IOLgFRwEg788cNF0JOqIhMjSmDUINA-8UyfWbgGmgKUGx4dkj4RCM0q6TpwA_6ao2-Ws7PT1VG-YjKz1GH_U5IwbY8FYJU_i7cL3iEzvxN-TzzwEEtSOOQw3h-z7Y2HMI0lVfycmgDFTT9C_eT8axQWlNXDVOkyGlMJe8EZjs1AdssQhFgXNHU7NKmqwOruNI3BpZl_IupWnAJQHDLd_T6frXzDsEy2nxsvTr4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMzU0NzE2OTU1MjI4NjI2GMqUIg&sigh=CjUATFJ5Hm4&uach_m=[UACH]&cid=CAQSPgCsnQUxswLW5mw8UbURwjTgMiA5yDQehrQ5x3c3ETggoQvTCV8pJgN_4kkkK2QDUR7Vz8f0k_qRlkjFnaaZGAE
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame E645 0
0 66ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kvi0EeGBMNACmAKdg2ICAgAAAIkF8JosCnX3ev1IXhAc2-ViPlSUY_bn7yRYYzsAEgAA&wp=YuXbHQADmaQK4GiBAA8IVeoKsHZqnDcwQ0SN_Q

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 275516
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 753F 157 KB
52 KB 95ms
85ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmaQK4GiBAA8IVeoKsHZqnDcwQ0SN_Q&u=%7CgNMOE4LdLXpkDU845oKtbJ4NYXzDDCUc3pvxxYw1DGQ%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl45Kh9Y2SghDXabwdx6ifBMChPCl-FdT_23wDCir6bFv5O2XJZXcDZ-WokB8xDe7tUlfHDKnzp8lqojUPHvGk8LeN-IFzSLCIzbB73dqhCqQBfS1XjMAGLdloG8WbHuJDJCpN5LvM8Y91VggIzRlFYBVC7s4E3o1B_mgUed5CBLebBTADqW0ALAmp3NkSyXo2M43vcB4c6ihLV1bhyta9uCJbJsreI9TI3evZlDraEDq2yHtfEp1SQ2PkjUFy37NH2Unfp15K6wjnsTxsmru5gIoOYtNMfz4r5qGG_tk2g1ZUl8QA3-rcJp2bpJzl5xDT7U-t3GegH2wI-LRBDltTW7qxFc0Mh8zQgBF3u2G-4w_PTV0ckGzBS1IkcxLTlVPn5KOyemhEIPxRK4JjxWHlt7xfuzC5LiVKY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCenk2HdvlYqSzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBJECT9DGm0TqyqHXyiWaTUNxiWQRWtB91EeALnxz-UoRUuh1Bi37ok7D_kvb-DW7Wfkef0PsrQHLc3dKlEWv0BydVIrlTiepKEo-bveka9MpyUKbowBlYbfznRDJYXWn-pXnws2IOLgFRwEg788cNF0JOqIhMjSmDUINA-8UyfWbgGmgKUGx4dkj4RCM0q6TpwA_6ao2-Ws7PT1VG-YjKz1GH_U5IwbY8FYJU_i7cL3iEzvxN-TzzwEEtSOOQw3h-z7Y2HMI0lVfycmgDFTT9C_eT8axQWlNXDVOkyGlMJe8EZjs1AdssQhFgTFFciHNFTAdEX9cf8pkMQonsWN2Ly_br2sb1FwlcyUo0-xbNudU1d6I4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rWWVumyUP_jWvmL7rTIcjeX97ww%26client%3Dca-pub-1354716955228626%26adurl%3D

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

378b3869ece39b08f9a6687aad1bf8a827ac2f45bdab48160e7777c024feb1da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=v9TQ7r3kqe6w7UGmyjFHv_Fnfl_5W564WKGRcDkUuR8cvcLaVIxBYrUZM8d7DfHfSRdDrR62glTE8JZbp1iMOLIUlu2POkWqziOXJKs1KiNpspj8w_61k2xNICd-8fGfvFvvxr8gaUV_vcH3M4tA8F1n9fqEEB2cGbLhQm70KPpnyCpTInWNVmtfFVzfGHxaCrW3mv2Bk-Oj1X5OkzFkmXKUoAS3upwB1Vz5itnoHtqieOdgSgc1xvRao_F0IBZlwQdjVQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 61187509
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame E645 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E645 139 KB
43 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658922152796835"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 01:30:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame E645 18 KB
8 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E645 0
0 49ms
48ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsd0UkcEBXUmtVJN15l-dX_pwluzorYnimDEibe92sar1iXUY2sGYiqk0yl-SKDUTI2Bj4CgPohmzAH3JzMg6u799-uA
Requested by: Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E645 22 KB
7 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 21:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Jul 2023 21:07:26 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3296 513 B
523 B 135ms
111ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=d1ce6959ca73c20a3841e0cd75a4a0999cceb454

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwww.matichonweekly.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

6bfdae4a96ded74a8b76984a830bba5e90a6a14a529f56ca4a2bf75021fe45fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Sun, 31 Jul 2022 01:30:05 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5e167cded19be784adb8b7e6113a7154f67d8b75254caae679b67e0b73e2d2b2
content-length: 242

GET
DATA 200
OK truncated
/ Frame E645 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6466d1307e3fc1654a26472042f57686cf199dcf6315799cb2da85da99eb9ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4AC6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 266aa2666a61b6fe3fccee2ed348b67ee588c0c9b2a6e219f67c1f5ebd8b18b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2F8E 2 KB
1 KB 61ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmaUK4GiBAA8IVeh_LYgHsxBkBbxYQA&u=%7CgNMOE4LdLXqnApI2hN%2FFImBd1AzwdeKk8l%2F1qIbtcEM%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl45Kh9Y2SghDXabwdx6ifBMrst4K_FNPK2ekluEuX0ttZocwHxBLNZgB0Xe1lL-7BYuK5p5kw0kW94s5rdg3zwlc_ii7tVg8COp2oA-EVtDgNrafb6m7AGZGs2-ExjUh12g0rIlz8GGS57UuzKEY7TUJXM6FEM9JUBuDusYUKILaZRxXwp-2Om4tN4kDntYUZuksfJ-tLAZb1QTU0Dibu2QOT2QBcVrGkvDtZQqyvs7BOWA6H2pDPUCbwbTObKn8VejONcrDcniHkYRJA0pozYt0vxBN3WkNiDuzfvihnRpEAngdlDolQrmo1iaBz-DtxeEpOBSFr20sMF9R_cVjkC3lyU9YZEkWCAt4VfYBIs86nciLQQXRdTcaDa7NblTWi4omIg8COL6ehVCRjfkuq-aEgtgmD5nAwQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEAvMHdvlYqWzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBJUCT9DttmYxnscC3RL6h_FCgcZiZxZpb0toOZZG4uTxZWJKFJ84xnZ8BDgEy-wmnb4mkAtVZAD7fG-dxuZTrDqfwGWObO2zofcQr3yoHI9tD8ecekAm2N7QwwfePWqoezlAxvfJkf2mHKrc5lpC3AaN3_grGeqmx5Js01l2AKTaXB-h7BVXVLM--FVP8VDfQoTbYu6WLY7vVhICLU9-4kTqunO-en29J3wylgFtilSZdsgn2dqmENLdR0RoYRdjXoqi8GA_p3DeDqssCwmSWUC235B9zot4KjZFfTXtvn0w4omBa2g4Fa4JeuJstKzTLig9Ndl3OkSHxM7PxBhyTMXg_Cw6OOciUz4hKs-HEdO9JTJy9z4BmuAEAYAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0fL5BqIoP-8tATixSJhOd4PQnKzw%26client%3Dca-pub-1354716955228626%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2F8E 2 KB
1 KB 62ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2F8E 308 B
636 B 25ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2F8E 293 B
621 B 25ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 2F8E 43 B
348 B 69ms
15ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=3r8QT2WL95q6EZFlJLoyJiL0J0yRKBcr_SFNJQNYCU2XQ3hVOJuzWwjC5eoDEDYusqrC9cIUqouoMABevEGxq4MFMf1Kq7NiAJ8YyA-GCKBRdSiUTHZAkWieQf-z7bOy3atObZbnrdmIo3sTO25wWZ7R-iE4RsRgJce2P_nE_-9BCEl9978aYklXwf9hjejG-MqLtk7ry2TA4ji8HSeEobYguDRp7YZF_SEQfIs8s3QUSw7uxAaL1ak3_61G1oTW4vMB5JPu45zC8G71oc89i-2ihKXm70D6J8C8q0fz10Z3OA3EIgS46JkDcWLdKORI3VoJojqoeToRiE7L-6qGA-k05RBSRm-S6GBKIw2XQsiq2ecap_JY0S709LJAwRmy_pRm8NJHzxrmWd518ZSpbihD2QtTd81tRMwmF-_Hu02Bw5l0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:05 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2911861
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame CCD0 33 KB
16 KB 97ms
17ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53578336;rtbwp=YuXbHQADmacK4GiBAA8IVQmdhekVRHnZ6BWgTA;rtbdata=jMNqeDmYZHgaSzoTe8HMNuACDwzsxgSsLSF88KXnFRBY94pk0hMVet6SuHUpcfH_B0Zv1VhWI66OvFbjh7gQ6ufKzgBhh6_DAIjiNGvCUiREZkQGlo2dbo6EVxbDdz9US26aUDwjug3YrsYTr2JOiGoeq4-ZUscP2Myw-FS0YBo-RWxoQJMbwVPjUPNFVW_dBLNIu_zkaMC2u77HrKq3g6nmw8RMAFcHS753wsUDWBO7xqb19ALBAfR0smSI_CFaEcf9rQ6MP4nz9rXqFQxLjR6lrPVpjaIB_G8f7NSXBwg9XkpDYjqXI7ymL2oqizCPcPokOIQ91jzxVt9XrK3hHMN4iOtIBxgX0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C6fOzHdvlYqezDoHRgQfVkLy4Bei-mJRcoKWzyf0IwI23ARABIABgldKjgrAHggEXY2EtcHViLTEzNTQ3MTY5NTUyMjg2MjbIAQmpAv_reKI4boI-4AIAqAMBqgSaAk_QMHQ6rM_HyNvEsOETL1G_jEaAxEl9ChJnJ1UTrQbDweEPv6SwNNUYu8HIPyQ8GQ1ihU01zdwqfglqzoIuowEIa0s2ECJ-vdUXR3RPZidE1Hk876v7npleX8hb65MWTaq4ZhWMZW8jsi-L0H3egUXrT2BqmqJQLlG1UELnl_NLSeUiythY1-zYduJOw4s6WCe4lyj3lL_sNULF1yc7oU-2CA1Tv4_6WEnNcUJqv4SYptJzERgxw_imH7ULHQEc_RWPhtm0Jrbpdqoz2PO9kqLjPtMKcXjPz7KZO6QqKwlsnpi45xWNDWG0JxH4hg9LDRdSoSYq0DCs3Q1wT4Ni6h04WZDeKAg1adHwG-tdGyXhvKdMHQa2g2p6yOAEAYAGntrM3dSpt52QAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_0fKr5EhCtHqvI9c5P7Kmx-NWU1Yg&client=ca-pub-1354716955228626&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0ce978a7907fdf3a7b393ff68e8c0c17703c7f2eae4772b4bdce769668118dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 07:02:09 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 01 Aug 2022 05:06:47 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 1D8B 33 KB
16 KB 120ms
41ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54736914;rtbwp=YuXbHQADmaYK4GiBAA8IVRNcumCueU99SoHovQ;rtbdata=jMNqeDmYZHgaSzoTe8HMNl6arq47-yp4WFtVPkKUFOa48WMjzfw3ud6SuHUpcfH_B0Zv1VhWI66OvFbjh7gQ6ufKzgBhh6_DAIjiNGvCUiREZkQGlo2dbo6EVxbDdz9US26aUDwjug3YrsYTr2JOiOMZ3YqXnzHD2Myw-FS0YBo-RWxoQJMbwVPjUPNFVW_dBLNIu_zkaMC2u77HrKq3g9cTvEtvGttzS753wsUDWBO7xqb19ALBAfR0smSI_CFaEcf9rQ6MP4nz9rXqFQxLjR6lrPVpjaIB_G8f7NSXBwg9XkpDYjqXI7ymL2oqizCPcPokOIQ91jy6bQUpVuWVj8N4iOtIBxgX0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CSnKAHdvlYqazDoHRgQfVkLy4Bei-mJRcoKWzyf0IwI23ARABIABgldKjgrAHggEXY2EtcHViLTEzNTQ3MTY5NTUyMjg2MjbIAQmpAv_reKI4boI-4AIAqAMBqgSUAk_QjbOTEpcuZyir11qOaaoOsrB67wWvCblv6wPh47C5wWDbc4XaoUBHZhQ42wXmOynx0H9p06GbyZkbZ2KWFnrzh8TvGxC-RZIhTX4j2Jz1cozz34GjhW4-t5s5Xz1PrplNQmecsWAUI33U_O6PPSwKaY6TGcF_dDLm5Pa5ltEYmrbndUHiG0_3tPCy9KMLIpyIU9FBo76PqSOYVCzk3hQjgsB7EvpsX4WjwbAltyVo7kvbHg4LhG8hiOVqw73d8dycRfeSWTEmphmGTHvmjnKlCOaSb0N9RQE1OVPyAW-xq7X4F0h4Dv-LZt3p5Dv4GBL0C5F5e8KFFd-eQvfcDqKB7n0k9-Psiuwt0T7H4qwzAZC7LeAEAYAGi_eMnI323oB2oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_27F5dhs8ItvP76iFxwKnKY2kXLzA&client=ca-pub-1354716955228626&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0ce978a7907fdf3a7b393ff68e8c0c17703c7f2eae4772b4bdce769668118dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 07:02:09 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 01 Aug 2022 05:06:47 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 753F 2 KB
1 KB 49ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmaQK4GiBAA8IVeoKsHZqnDcwQ0SN_Q&u=%7CgNMOE4LdLXpkDU845oKtbJ4NYXzDDCUc3pvxxYw1DGQ%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl45Kh9Y2SghDXabwdx6ifBMChPCl-FdT_23wDCir6bFv5O2XJZXcDZ-WokB8xDe7tUlfHDKnzp8lqojUPHvGk8LeN-IFzSLCIzbB73dqhCqQBfS1XjMAGLdloG8WbHuJDJCpN5LvM8Y91VggIzRlFYBVC7s4E3o1B_mgUed5CBLebBTADqW0ALAmp3NkSyXo2M43vcB4c6ihLV1bhyta9uCJbJsreI9TI3evZlDraEDq2yHtfEp1SQ2PkjUFy37NH2Unfp15K6wjnsTxsmru5gIoOYtNMfz4r5qGG_tk2g1ZUl8QA3-rcJp2bpJzl5xDT7U-t3GegH2wI-LRBDltTW7qxFc0Mh8zQgBF3u2G-4w_PTV0ckGzBS1IkcxLTlVPn5KOyemhEIPxRK4JjxWHlt7xfuzC5LiVKY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCenk2HdvlYqSzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBJECT9DGm0TqyqHXyiWaTUNxiWQRWtB91EeALnxz-UoRUuh1Bi37ok7D_kvb-DW7Wfkef0PsrQHLc3dKlEWv0BydVIrlTiepKEo-bveka9MpyUKbowBlYbfznRDJYXWn-pXnws2IOLgFRwEg788cNF0JOqIhMjSmDUINA-8UyfWbgGmgKUGx4dkj4RCM0q6TpwA_6ao2-Ws7PT1VG-YjKz1GH_U5IwbY8FYJU_i7cL3iEzvxN-TzzwEEtSOOQw3h-z7Y2HMI0lVfycmgDFTT9C_eT8axQWlNXDVOkyGlMJe8EZjs1AdssQhFgTFFciHNFTAdEX9cf8pkMQonsWN2Ly_br2sb1FwlcyUo0-xbNudU1d6I4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rWWVumyUP_jWvmL7rTIcjeX97ww%26client%3Dca-pub-1354716955228626%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 753F 2 KB
1 KB 58ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 753F 308 B
636 B 24ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 753F 293 B
621 B 24ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 753F 43 B
347 B 68ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=kAzcjGC-9Ej8h5QamA15WWUjRyvsMivbKOlu-BeuB8YSV_F3V6dhGebnqNbJ-iGhP2aweC6-LvDFMpLCBwrUyTxp1RM-nOHfwl0Y8ZZSDRm_vx16K4zapvuhGEauOpuzA4wPwY3SjtvvjMi4uigIyvbLYSTXbePVzRqthmB09XvEHWgvhVaF-xct8b1UTiB7NQZSNObHO0M0PAWwc7IgX5YYKjTiteVFtljpZ5oIqYo8WBxe1E7i7-BVO31uNjMiGFpdqWXFszvendizttpYQ4lb-aA5KfpDJpoIFfjq4Qi9KKx5tWivRaI6NfwQwDh7dpEEoSI8qm3RTyy8LodSvCPL9BH5roEts9SYieJUNHNo3PnRMFUOQAOAYokPwXsZ8xNvewgYLljr9Vch_B7T3Vg-hksSh0zlzvRv4bPI03KDVuze

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:05 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3473093
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D357 2 KB
1 KB 32ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmagK4GiBAA8IVVmjKq38eUfwl5oosA&u=%7Cicvy%2BNkreb2AP0WwMNQXgDhK3YF5yqPRqRxI9YPFp%2Fg%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4I0A_64YSM0HeTEAVbYfjkwagOn2ee-KscXR3GuaZC9wE0vl9rtksJ8Dc7yiDzy99ixeyYz3KATJ3fJRHDyal0fFijPZDKnfJhwKjLzQJkmo_pbCEzs68oL4yx8t4NLJbI4zF4cocvpuK9AXoqhiG82LD3SN8-wjrvuYaood7rUzwOJ0CKw9epq4E-bSpd18q9GfB5LRaFDAxmlHc7SPtN6ZDLWXbXWJPoxADu1ScPWmeMr9OeSaYNF-FNcz4A8WKha1mWxXcFsEySqCvr9_QNG4PRV7xBCFkcGwFk7VE513VHbmsdNAMe3QV7WY1ji31I2-470PNQVw2yw_iGXOzEPNKzKaXIGLchvbNxCuyIAOrxCt9BXNL3B42_AUdMDVedY4nBUeXDCtbFuMKdZfxVB-DTegSuCAzn2v55vM9Bcsc44yE0U9eLX7oXCQ5uOKvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDiG_HdvlYqizDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBI0CT9CSWxFu-M5IZUcWtvF8QrX-agbkdnlTdN2HEfmvugsMm8QM9fzgFq83-oJpVdpDNAFPLtDqz2WcQBJGmchHLZNsQ1UjH9z0rZhmV99jhtUmWLwZAm1LTJQlREsBuaNJtfr_yXmRe1meLtnm0H1FsNTxNBwmVy7b5e9d58ksRwIU760KH4QPhZGf9NwZLA-Po6lpdfFfGRBdB7UW3YFggH-oWPubgqCOI14sX1Pk7ee19ywJ81a0qw4ti0WgGfnTRlIBtiRIG1mBfDgpYoY7aGLHFRcASBPT4mk9XqLyHJDRg4zmTFeGt7k762Zja2Fijq0LkvbnCrcEdS2vfhWPb8BlfzO8Ax39ahbIFWzgBAGABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FscV1Zaf3AeDaD1ZYYvLTxs0g0w%26client%3Dca-pub-1354716955228626%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D357 2 KB
1 KB 33ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D357 308 B
636 B 23ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D357 293 B
621 B 23ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame D357 43 B
347 B 66ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=_9vxNq9BY2FNN7u0gU3TngBZKH2tf6xeu-8Qa8w3ECoSDGA3vED4J0KixjtmBQ3xQcRtpdeuoPpvSeLTo1LFGud5qbAzL4fVnbEd9O0lz7NpulduV6e1XxZvgDZntAplfLeZLnfss44QuO-IGQ6ongVSWeUbgZ5oAWvaNDRHMAFvt7bYoggqoVlivjfDDIzGQRmh0FE4TR7in_xlq-Ll8kW9KbUeZTCkiVy04hJbJ7_HxoFZAYd2FWPlyk40HBwGXI2qTRKPAwo7aH-Ap9uRKJSE42TUfmVR5Tyi2LuhMa7GE48MJizcZGsU-gCDBwwxKYwjvfiowI3rauIuIeWvBKnuR4jN7zCj08_JcsjKVGSE8fi2tb1vqsVwQlyQ-3QMQTFl0POrTKuD7APvvBfZstcHiTNgLCkUvs8LH0Q_FrM6fGh5Ty3v6ItffqtpMJP-bvP2jA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:05 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4036655
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 23C9 2 KB
1 KB 30ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuXbHQADmaMK4GiBAA8IVW2-bBXN1mDt3tiH9A&u=%7CgNMOE4LdLXru7p9QL9qXiUsehgWGCftpsEyufOZkM%2Bg%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4I0A_64YSM0HeTEAVbYfjkwagOn2ee-KscXR3GuaZC9wE0vl9rtksJ8Dc7yiDzy99ixeyYz3KATJ5jUNyNZ-rw2S9QDl3gXX7bAkYetAha2wFwSkjEYjvctyx_NVpiqA4VcBUuYGS3nVz1F1HD_cX8rXyJtWh6XO2R5QSjLKKJu5P6QEosezpD0txk24CaaiBfmdGZMVrvLDkKqTnnqw6to8FBMh6SRmppZeLihk6cbAJ7x45999v3Mo6d437zCTvb8Da-a78jnWc1_H25oQ9BB2iTjc6PO24X8x3xb7UBie6HK9-deEVvEui0Nu6ExcBpOuA9TYzz6IRXBU-eJLxXmRi3ImYBAIejuhvi2166nKCzlFicXbDiCSpNUzcZHmuWW66b6_VS5UJ4_8xn0yWS-y5Ol1pMBFYSwQACHWRls4gmI97D-n6_N1tmDA2LenSJA_li00STC5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEqi1HdvlYqOzDoHRgQfVkLy4Bcme0rFc1Z2R93DAjbcBEAEgAGCV0qOCsAeCARdjYS1wdWItMTM1NDcxNjk1NTIyODYyNsgBCakCBDJji1YlsT7gAgCoAwGqBIwCT9A17GPIgIMXzPoMzHNRIvMEQ55nYgLC2UbbktxSN4IH9WrwYo6JAKZqKv8iznUbv_poG1Q5vUzka0SYxyGxn6n86G4Ho0GW54vlClrYM5KufA1l6jH6zKQ6enKt51wwESzxKhwfSEGLFgb0x8PwGFuUPP1OBKvKJhFSLWQRwlt9kiqiNg_N5gSD_jdfoJD3MJ9Mhh_LUh5c2tJMrs6Nhb9rAVY4tHzj5ChDkcuQQtr6bCQBy-qvYZOWUzKi21WN_YjRpS5Uonp8XnprYVVFWSfVw_wCZ4jg_EUf6cFwiAiqjfk3dJpOB-F5NcJqSQICud3mphpJ26NVmewTSi8jnetjgZCrwGJq7N4zxeAEAYAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2CDi7e1y0aOjZ_qKrrKvlhPzJcvg%26client%3Dca-pub-1354716955228626%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 23C9 2 KB
1 KB 30ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 23C9 308 B
636 B 22ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 23C9 293 B
621 B 22ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 23C9 43 B
347 B 63ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=LCkuUq9BY2FNN7u0gU3TngBZKH3HMBdqtOT1GodoAo-CP7iuLfSVrmkx1kgQBQTi_gHqkcT3fLVvdTWjPVurpoXa6U8egJEXOk6E_V4XeU55ad13HxG0HJmKj-aIz8lJ0nK3vv6AlpzSB7MypSMCYoMzcJRsf3hi99fya2baDG_pCyj-1raDH2ViZYULPyjlQO3Eh910B0zSgUM0b_aa_xjAaWF9pJHEIXiLg2OOJhSjeLjGWDtBbXNwURNHtG1bW2BfgcbDBzp3XX_8yXate0YUh2PsP0FsclA8B5tu-gH6csqZoAh-9PTPytnJSdSTUo0iZSusjrJEAyw8ezNmsIwmPdDxP_nmXQGaFcoP4ohsbXl5IH3QTU4qw3MO4xR5y_txThhTHuLxMmQSlEH6gR04VcfSXUql-c1TfeAmzAatknqq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:05 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3075791
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C605 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fcc9407543aaf920136a3d1908bbee883a0528e9e889c31f4a6643bdb84e01e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 116D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ba2a305961f23c0df2de773fe45b59000e7c4c63ae96278fd5412c33e0cdeee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2F8E 12 KB
5 KB 38ms
11ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 275909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kISmsXvrARhcFgUOnQmMDPNyKhncZdfDQxad%2BMYc5rqGRaCY4KkTgJQU%2Bu5B03PNDjD3OMUgEBvWQ0r%2BMLpvaAqPSRNKt5hXOTkcygcz4sQpcUWd11MgapbAzprXaq3tr0a3ubafxfTlWoGHu4McLIs%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7332911b0b59694c-FRA
expires: Fri, 21 Jul 2023 01:30:05 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2F8E 12 KB
6 KB 15ms
13ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 2F8E 68 KB
68 KB 41ms
14ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 2F8E 68 KB
68 KB 68ms
42ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2F8E 24 KB
24 KB 69ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2Fe47551705bde4240a673c74cf1908518_img_vertical_1.png&v=3&w=1200&s=_Gp9dabRvxfsycVxTEj_T4dz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a13ff34f1f6805135cb084e3cb1044861ca7037ddeaff9e8359bec5cf4010ef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29181560
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24096
expires: Mon, 03 Jul 2023 19:29:26 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2F8E 0
128 B 70ms
17ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=h9bgyr3kqe6w7UGmtaAMM3sXj1gyOH7m7fwliNCcBdFeHObe_vC7KMEuX7R_vgtng2nctu8CtjFTi5cEsLr29I_YSmdtkiSMrcSDI8cO5LTwr-DwjSmJkoi8tNQt5aY1Tecu4halsiosRGUpmYeTYUXxS5lBNHqJ7mK4gZTA76z9C46RK0-geyVOi2H8dXf_i66WJmO_pSomtDF9N5ZzHLyS-mliqhflYk4Bta1_QSWu4XaKThL2Lq16Eq0&sds=2&rev=82250&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2F8E 2 KB
1 KB 16ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2F8E 2 KB
1 KB 14ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 753F 12 KB
5 KB 18ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 275909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPTjzW%2FD%2FlwEV9tTbsNQoNQd1QdKCjK4GiCNAYZlWfYbz2mlTt%2BB5gYyA%2BJN45dtg6dsNi9Ml4nARvoI8cpw6iwufrrWqBIwBFnFNAd8ZZf6K%2FHTQz6fCmigUXy3eQYXbjTLeMW1HajTMcBm5H1HImIf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7332911b0b5a694c-FRA
expires: Fri, 21 Jul 2023 01:30:05 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 753F 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 753F 68 KB
68 KB 44ms
43ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 753F 68 KB
68 KB 45ms
44ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 753F 24 KB
24 KB 31ms
31ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a13ff34f1f6805135cb084e3cb1044861ca7037ddeaff9e8359bec5cf4010ef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29181560
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24096
expires: Mon, 03 Jul 2023 19:29:26 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 753F 0
127 B 17ms
17ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=v9TQ7r3kqe6w7UGmyjFHv_Fnfl_5W564WKGRcDkUuR8cvcLaVIxBYrUZM8d7DfHfSRdDrR62glTE8JZbp1iMOLIUlu2POkWqziOXJKs1KiNpspj8w_61k2xNICd-8fGfvFvvxr8gaUV_vcH3M4tA8F1n9fqEEB2cGbLhQm70KPpnyCpTInWNVmtfFVzfGHxaCrW3mv2Bk-Oj1X5OkzFkmXKUoAS3upwB1Vz5itnoHtqieOdgSgc1xvRao_F0IBZlwQdjVQ&sds=2&rev=82250&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 753F 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 753F 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D357 12 KB
5 KB 23ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2086689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6njFjdbcXecNZbHVpsNM3aoV4nfrFIn%2FQlkqsC%2Bi9XmH8VVxMPQWecD9s%2B5a66KbdlyXDYkZFjc7WdDi48%2F6kbsHo2kTATkzFBs1wXivRhtzklMOJcAx4KybfSKaSz3YdnoGFJjNrS1uoJ%2BM3UdzKMEb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7332911b79fb9193-FRA
expires: Fri, 21 Jul 2023 01:30:05 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D357 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame D357 68 KB
68 KB 15ms
14ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame D357 68 KB
68 KB 20ms
19ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D357 24 KB
24 KB 17ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2F45f963b9b4db4061b7e96b7b9b33fb3d_img_horizontal_1.png&v=3&w=1200&s=XPRAud79PKlPO2n-2Elk2RGL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29221752
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Tue, 04 Jul 2023 06:39:18 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D357 0
127 B 16ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=KpID-b3kqe6w7UGm5_iY0tudGx_GUiqqzNdxC8yuWJ85G9YTZPNUSTyhu_oBCtbs7yxqudbxYFiEHfNSKgH6dGWTzcp5XL4Lz-ldpluUhdwDkX4to-ymVOGUD_SjheVtu-KnBNr6DTRvs3aKf0UX1r8biUO11OAIp_LiPLPvypTlPM7ZHpu4455W9HvFIh3K6p2xPCzEhrvMa7qvdkFMplLjJ2C78F_8ysacqGEJd3hSJOTLOYg2vKO5Aq_CDOps1N8FsA&sds=2&rev=82250&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D357 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:06 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D357 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:06 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 23C9 12 KB
5 KB 15ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2086690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emy4WLGo5USFS2EZ65ne15Ug47EOeG6itN9kH7itloFzO4jKpFCB4xFd73U602J%2BNyw1NnZWF0SULoS4ryY31CFknnZkSzB8tWvZG5qJ6BKWwIXKPZyRJZSP%2B2VnkBkohTjW%2FZcNT0k8QUe5A6%2FzGdL9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7332911b9a1d9193-FRA
expires: Fri, 21 Jul 2023 01:30:06 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 23C9 12 KB
6 KB 13ms
13ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:06 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 23C9 68 KB
68 KB 15ms
14ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:06 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 23C9 68 KB
68 KB 15ms
14ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 23C9 24 KB
24 KB 18ms
18ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29221752
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Tue, 04 Jul 2023 06:39:18 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 23C9 0
127 B 17ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=yAeFnr3kqe6w7UGmS9mhe-DEvBzHRc8jGwS6j4DGhiYqBzHdiA6WzDF5PXt4HzklJo4zefjoRYQrtgy4h9JnmeB9nQTs0n0YUjYtyPDwOlRRqzBHENA5T0rtNyoruTDF_3jzX3PmcwgYuaptDR2X6tM_9pLIwNgYz9K6S0-Ci_GMhEthlLtwFHJD1gqWdH6i7hNoHq1ZFTVCZfFoJkkNxHTFn5t-9Ry2ZEMSHPg0F08jk_vL5STQVXG_uAAJyRyjIeXfgA&sds=2&rev=82250&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 23C9 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:06 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 23C9 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 01:30:06 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame CCD0 7 KB
4 KB 29ms
28ms Script
text/javascript 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=53578336;rtbwp=YuXbHQADmacK4GiBAA8IVQmdhekVRHnZ6BWgTA;rtbdata=jMNqeDmYZHgaSzoTe8HMNuACDwzsxgSsLSF88KXnFRBY94pk0hMVet6SuHUpcfH_B0Zv1VhWI66OvFbjh7gQ6ufKzgBhh6_DAIjiNGvCUiREZkQGlo2dbo6EVxbDdz9US26aUDwjug3YrsYTr2JOiGoeq4-ZUscP2Myw-FS0YBo-RWxoQJMbwVPjUPNFVW_dBLNIu_zkaMC2u77HrKq3g6nmw8RMAFcHS753wsUDWBO7xqb19ALBAfR0smSI_CFaEcf9rQ6MP4nz9rXqFQxLjR6lrPVpjaIB_G8f7NSXBwg9XkpDYjqXI7ymL2oqizCPcPokOIQ91jzxVt9XrK3hHMN4iOtIBxgX0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C6fOzHdvlYqezDoHRgQfVkLy4Bei-mJRcoKWzyf0IwI23ARABIABgldKjgrAHggEXY2EtcHViLTEzNTQ3MTY5NTUyMjg2MjbIAQmpAv_reKI4boI-4AIAqAMBqgSaAk_QMHQ6rM_HyNvEsOETL1G_jEaAxEl9ChJnJ1UTrQbDweEPv6SwNNUYu8HIPyQ8GQ1ihU01zdwqfglqzoIuowEIa0s2ECJ-vdUXR3RPZidE1Hk876v7npleX8hb65MWTaq4ZhWMZW8jsi-L0H3egUXrT2BqmqJQLlG1UELnl_NLSeUiythY1-zYduJOw4s6WCe4lyj3lL_sNULF1yc7oU-2CA1Tv4_6WEnNcUJqv4SYptJzERgxw_imH7ULHQEc_RWPhtm0Jrbpdqoz2PO9kqLjPtMKcXjPz7KZO6QqKwlsnpi45xWNDWG0JxH4hg9LDRdSoSYq0DCs3Q1wT4Ni6h04WZDeKAg1adHwG-tdGyXhvKdMHQa2g2p6yOAEAYAGntrM3dSpt52QAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_0fKr5EhCtHqvI9c5P7Kmx-NWU1Yg&client=ca-pub-1354716955228626&adurl=;js=1;adfxid=1x;6241;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.matichonweekly.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e0296240dbe3d57e6814971209a4f01f8bf824be562a48e4deeb5a9924680ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3334
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 1D8B 7 KB
4 KB 29ms
29ms Script
text/javascript 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=54736914;rtbwp=YuXbHQADmaYK4GiBAA8IVRNcumCueU99SoHovQ;rtbdata=jMNqeDmYZHgaSzoTe8HMNl6arq47-yp4WFtVPkKUFOa48WMjzfw3ud6SuHUpcfH_B0Zv1VhWI66OvFbjh7gQ6ufKzgBhh6_DAIjiNGvCUiREZkQGlo2dbo6EVxbDdz9US26aUDwjug3YrsYTr2JOiOMZ3YqXnzHD2Myw-FS0YBo-RWxoQJMbwVPjUPNFVW_dBLNIu_zkaMC2u77HrKq3g9cTvEtvGttzS753wsUDWBO7xqb19ALBAfR0smSI_CFaEcf9rQ6MP4nz9rXqFQxLjR6lrPVpjaIB_G8f7NSXBwg9XkpDYjqXI7ymL2oqizCPcPokOIQ91jy6bQUpVuWVj8N4iOtIBxgX0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CSnKAHdvlYqazDoHRgQfVkLy4Bei-mJRcoKWzyf0IwI23ARABIABgldKjgrAHggEXY2EtcHViLTEzNTQ3MTY5NTUyMjg2MjbIAQmpAv_reKI4boI-4AIAqAMBqgSUAk_QjbOTEpcuZyir11qOaaoOsrB67wWvCblv6wPh47C5wWDbc4XaoUBHZhQ42wXmOynx0H9p06GbyZkbZ2KWFnrzh8TvGxC-RZIhTX4j2Jz1cozz34GjhW4-t5s5Xz1PrplNQmecsWAUI33U_O6PPSwKaY6TGcF_dDLm5Pa5ltEYmrbndUHiG0_3tPCy9KMLIpyIU9FBo76PqSOYVCzk3hQjgsB7EvpsX4WjwbAltyVo7kvbHg4LhG8hiOVqw73d8dycRfeSWTEmphmGTHvmjnKlCOaSb0N9RQE1OVPyAW-xq7X4F0h4Dv-LZt3p5Dv4GBL0C5F5e8KFFd-eQvfcDqKB7n0k9-Psiuwt0T7H4qwzAZC7LeAEAYAGi_eMnI323oB2oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_27F5dhs8ItvP76iFxwKnKY2kXLzA&client=ca-pub-1354716955228626&adurl=;js=1;adfxid=2x;9934;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.matichonweekly.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

459a6a5d06fb96912a3b4c63b8f3317b315fb128f7ab042d150b5e2f61fbbbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3313
expires: -1

GET
H2 200 advert.gif
code.th.giraff.io/data/ 34 B
277 B 11ms
11ms Image
image/webp 2606:4700:10::6816:4e7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.th.giraff.io/data/advert.gif
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
cf-cache-status: HIT
age: 26
cf-polished: origFmt=gif, origSize=43
content-disposition: inline; filename="advert.webp"
content-length: 34
last-modified: Thu, 21 Oct 2021 13:36:39 GMT
server: cloudflare
etag: "61716ce7-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 31 Jul 2022 01:30:40 GMT
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 7332911c4e3c8ffb-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK default-hotspots.js Show response
player.ivideosmart.com/ivshotspots/js/ 42 KB
11 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivshotspots/js/default-hotspots.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1c59e1b38fa1204803f1d29be158886c25efb6fe42d02cfcd1643746249bf39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR62-C3
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 10875
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Tue, 07 Jun 2022 07:55:22 GMT
Server: AmazonS3
ETag: W/"aacf3a4a14c5e2d00e4ac5b0d9b09693"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: L8s8RqQWuYEbuvGzYz0pXCojFCegsEx7orFBNqvSofq4dO9xNuNjUw==

GET
H3 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/ 2 KB
1 KB 19ms
19ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/tiny-slider.css

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3810054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoJb%2FBO8PXZNv8HHY5l%2BDQnRa3tTNWsk9Y8Lq1aKoOWUYSxN8GRXixk2ali9oan3t1wgv4HcHo5GVeMDr8UqdpPn61P5poXhOtZDA2mDDpaL1%2Fc1f%2F7OW93kJQLA3VX4q4Y8jeQyVDU%2F52afcJ4XLCo5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7332911c8ad49193-FRA
expires: Fri, 21 Jul 2023 01:30:06 GMT

GET
H3 200 tiny-slider.js Show response
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/ 31 KB
12 KB 13ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 878464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11404
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-7bfa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lA4%2BaT22v9riZ%2BiTgibTR3Q7Gm2JXv2TajMfAnQ4lR2hTOpcIYuqhDU40GwZZs%2FMdmn3PDsrEHoQyMK7mMOoIXRl3p8M%2FL0bye%2BQJM%2BA7A%2FaUvWkqmPKEjDtBFhf%2Bf7Vq%2F3DrdOweyNiGjjDjk0RaRRb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7332911c8ad89193-FRA
expires: Fri, 21 Jul 2023 01:30:06 GMT

GET
H2 200 3001652-2067283-720-master.m3u8 Show response
3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/ 322 B
851 B 754ms
700ms XHR
application/vnd.apple.mpegurl 2600:9000:206f:4800:13:dd95:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/3001652-2067283-720-master.m3u8?Expires=1659238206&Key-Pair-Id=K2NBAOB0YS34PG&Signature=gGeaLNtNXkEknC0JkA9Yq~FPMzhHOnryTfAqn3PBXw2ZI98TNp~HskSxSc68vn9OM1h2dV5y9T~IoEYsSUFsJ~mmMA8Ay7EcQrGrxA8qq~n4tPahjWZXrN-Nnwp-X0QEPFHDQ4iRW1-Q6uyqQ8eH5muX1SjGxBiDwX1ErgKGbodjqUA~rBti91j22TisluQivsdlLVodkHgRWcgRtRgnw8UjUQct~w5ONF8jxkjR-XcSPXV41yS9SPTsnNxWti1cDgnpw-1PZoaIa3CvVB8hrq4Msqb5WZAqf9lCQNJZFrKNUnlEXltt6sfVq0MoGrTdHHUQxyNqz91Hax5lUXvGMw__
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:13:dd95:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ee1c948369a346f632bdea506c33184fe96c3ddc0c6b03fffa58050b50c3c46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:07 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 322
last-modified: Tue, 07 Jun 2022 04:06:15 GMT
server: AmazonS3
etag: "72fa1b70b85ab21d8ae1988071af5a79"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://www.matichonweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: lKVgARj_JDq244zmn1tdJz2fXBt6DOfGLvuf_9681WIQPh0Uhdk6pw==

GET
H3 200 bridge3.522.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 396F 633 KB
205 KB 41ms
13ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30809be8855fd7127208ae071c5da033f2a51446fdeb02ba322fdc3dd6e5629f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 490302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209388
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 09:18:24 GMT
expires: Tue, 25 Jul 2023 09:18:24 GMT
last-modified: Mon, 18 Jul 2022 20:04:33 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 97ms
22ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 31 Jul 2022 01:30:06 GMT

GET
H/1.1 200
OK pageLoad Show response
p-events.ivideosmart.com/prod/v1/ 0
293 B 242ms
173ms XHR
application/json 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p-events.ivideosmart.com/prod/v1/pageLoad?clientConnType=Corporate&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&containerID=ivsplayer01&cpID=3001652&cpName=Matichon%20Weekly&device=others&domainAppName=www.matichonweekly.com&engVersion=0&eventAction=pageLoad&eventPlayhead=0&eventStarted=mute&eventTime=1244&isOutstream=0&pageArticleID=95489e1339036851dc71d6725e9ff22b&pageID=1659231004953-17f69d62903d8&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.113.0&productID=adbc5a6e-2085&productName=IVSN&referrer=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&spID=3001653&spName=Matichon%20Weekly&videoDuration=30&videoID=2067283&videoPlayedDuration=0&videoRequestId=1659231004968-f2b6db0509041&videoTitle=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&videoType=ivideostream&__token__=st=1659231006~exp=1659238206~acl=/*~id=avs5jb6l9w5~hmac=dc986cf5c9024d2bec1be2e5c17b10ad58a5c43b77c7e4bb9ca64e8831ce3bcb
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.matichonweekly.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto: http
Akamai-Mon-Iucid-Del: 1190329
CDN-Origin-Protocol: HTTP
Content-Length: 0
Content-Type: application/json

GET
H/1.1 200
OK playerViewable Show response
p-events.ivideosmart.com/prod/v1/ 0
293 B 238ms
169ms XHR
application/json 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p-events.ivideosmart.com/prod/v1/playerViewable?clientConnType=Corporate&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&containerID=ivsplayer01&cpID=3001652&cpName=Matichon%20Weekly&device=others&domainAppName=www.matichonweekly.com&engVersion=0&eventAction=playerViewable&eventPlayhead=0&eventStarted=mute&eventTime=1245&isOutstream=0&pageArticleID=95489e1339036851dc71d6725e9ff22b&pageID=1659231004953-17f69d62903d8&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.113.0&productID=adbc5a6e-2085&productName=IVSN&referrer=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&spID=3001653&spName=Matichon%20Weekly&videoDuration=30&videoID=2067283&videoPlayedDuration=0&videoRequestId=1659231004968-f2b6db0509041&videoTitle=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&videoType=ivideostream&__token__=st=1659231006~exp=1659238206~acl=/*~id=avs5jb6l9w5~hmac=dc986cf5c9024d2bec1be2e5c17b10ad58a5c43b77c7e4bb9ca64e8831ce3bcb
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.matichonweekly.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto: http
Akamai-Mon-Iucid-Del: 1190329
CDN-Origin-Protocol: HTTP
Content-Length: 0
Content-Type: application/json

GET
DATA 200
OK truncated
/ 540 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd5a327cacc6d55aaf0fbd27f6c312e0dfeac90d75c625ef085d0b7cf076886c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 813 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 828e2359ff39cad670818dd76a29609e0f30f217b6b59a58094328cf67d1c59f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 matichonweeklycom.js Show response
data.th.giraff.io/track/ 75 B
346 B 491ms
158ms Script
application/javascript 43.134.100.94
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.th.giraff.io/track/matichonweeklycom.js?r=&u=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&rand=0.3084264361343656&v=202207181406&vis=1&callback=cbGeo253100049&sp=h
Requested by: Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-matichonweeklycom.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 43.134.100.94 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: bc1887e3481a05350645d217e67b2095daddfc37dfa4a7fe1042f9934b7a007c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
DATA 200
OK truncated
/ Frame CCD0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85d26e1312fd497b2cd26cc5c5f0b7945016a95e4d36c687c5cf9eb8dbe8a9b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 1D8B 43 B
207 B 27ms
27ms Image
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?adfserve=151&asset=121&sid=276&rid=10436&cid=42476

Requested by

Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
last-modified: Wed, 10 Apr 2019 10:06:26 GMT
server: nginx
etag: "5cadc022-2b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
DATA 200
OK truncated
/ Frame 1D8B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f02199cfc7ce94ce104ad1fc23929de7109ef2b43a0043612e3c04016d1ad0ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.221/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame CCD0 85 KB
36 KB 26ms
25ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.221/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 218adede21e3502e8e18a8cc22ae1b170f5c4a522ec92ec08c0b67102d87394a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 07:02:09 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 01 Aug 2022 05:07:24 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.221/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 1D8B 85 KB
36 KB 35ms
35ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.221/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 218adede21e3502e8e18a8cc22ae1b170f5c4a522ec92ec08c0b67102d87394a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 07:02:09 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 01 Aug 2022 05:07:24 GMT

GET
H2 200 goggen.php
lvs2.truehits.in.th/ 91 B
300 B 244ms
244ms Image
image/jpeg 203.150.243.253
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs2.truehits.in.th/goggen.php?hc=t0031762&rand=640239&bv=0&rf=bookmark&web=eoAIC05DgrRi85PyQKcNVw%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=EFD1289B.1&fp=d&fv=-&truehitspage=&truehitsurl=https%3a//www.matichonweekly.com/hot-news/article_563338
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.150.243.253 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 253.243.150.203.sta.inet.co.th
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:06 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx/1.14.0 (Ubuntu)
content-type: image/jpeg
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

GET
H2 200 view Show response
r-log.dable.io/s/matichonweekly.com/u/71941740.1659231006062/ 54 B
199 B 883ms
291ms Script
text/javascript 3.34.229.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/matichonweekly.com/u/71941740.1659231006062/view?url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&lang=en-US&items%5B0%5D%5Bid%5D=563338&items%5B0%5D%5Bc1%5D=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&cid=71941740.1659231006062&z=695033&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.34.229.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-34-229-18.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:07 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ 47 KB
12 KB 123ms
35ms Script
application/javascript 52.19.54.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931153&advId=Dable&campId=IAS_Test_Campaign_Apr2021&adsafe_par&bidurl=null
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.54.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-54-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e4e093b5a1fae09afd7607e5b87fabd2b8b1e2901c191c6b9169a5811cbc00df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:06 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK 71941740.1659231006062 Show response
api.dable.io/widgets/id/57wjnOo8/users/ Frame 5382 35 KB
6 KB 568ms
568ms Document
text/html 13.209.232.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.209.232.2 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-209-232-2.ap-northeast-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: f4dd3a8ec45cad68bcf5c67d59e5837725ca814880388a8976eca3c9c954ca35

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 6418
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 31 Jul 2022 01:30:06 GMT
server: istio-envoy
x-envoy-upstream-service-time: 279

GET
H2

200

match2
act.ds.kakao.com/
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=71941740.1659231006062
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220731%22,%22u%22:%2271941740.1659231006062%22%7D%7D

0
492 B

258ms
252ms

Image
text/plain

211.249.220.158
DREAMX-AS DREAMLI...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220731%22,%22u%22:%2271941740.1659231006062%22%7D%7D

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Server

211.249.220.158 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:07 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain;charset=UTF-8
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:07 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220731%22,%22u%22:%2271941740.1659231006062%22%7D%7D
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: 0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://adx.dable.io/pixel/google?google_gid=CAESEJMv8ntxw0F2_RWYu4Vrg8s&google_cver=1

35 B
207 B

1275ms
672ms

Image
image/gif

52.78.181.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESEJMv8ntxw0F2_RWYu4Vrg8s&google_cver=1
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Server: 52.78.181.17 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-181-17.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:07 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESEJMv8ntxw0F2_RWYu4Vrg8s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK idsync
idsync.admixer.co.kr/ 43 B
884 B 1711ms
283ms Image
image/gif 183.110.238.136
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.admixer.co.kr/idsync?pid=120&uid=71941740.1659231006062
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31-Jul-2022 10:30:07 +0900
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: private, max-age=0, no-cache, no-store
Connection: close
Content-Type: image/gif;
Content-Length: 43
Expires: Mon, 01 Jan 2000 00:00:00 +0900

GET
H/1.1 204
No Content pixel
cm-exchange.toast.com/ 0
607 B 737ms
240ms Image
text/plain 103.243.202.190
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=71941740.1659231006062&toast_push
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.243.202.190 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:06 GMT
Server: nginx
Connection: close
P3P: CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 256ms
255ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/matichonweekly_th.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
x-amz-version-id: null
Expires: Sun, 31 Jul 2022 02:30:06 GMT

GET
H/1.1 200 recommend Show response
th.popin.cc/popin_discovery/ 103 KB
20 KB 1376ms
572ms Script
application/javascript 119.63.197.150
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://th.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&&device=pc&media=www.matichonweekly.com&extra=windows&agency=popinag&topn=50&ad=10&r_category=all&country=th&redirect=true&uid=d9042001beac0d724161659231006403&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDMuMC41MDYwLjEzNCBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9ob3QtbmV3cy9hcnRpY2xlXzU2MzMzOCIsInVzZXJfdGRfY2hhcnNldCI6InV0Zi04IiwidXNlcl90ZF9sYW5ndWFnZSI6ImVuLXVzIiwidXNlcl90ZF9jb2xvciI6IjI0LWJpdCIsInVzZXJfdGRfdGl0bGUiOiIlRTAlQjglOUElRTAlQjglODEuJTIwJUUwJUI4JTlCJUUwJUI4JUFEJUUwJUI4JUE4LiVFMCVCOCU5RSVFMCVCOCU5QSUyMCVFMCVCOCU5OSVFMCVCOCVCMSVFMCVCOCU4MSVFMCVCOCVBRCVFMCVCOCVBRCVFMCVCOCU4MSVFMCVCOSU4MSVFMCVCOCU5QSVFMCVCOCU5QSVFMCVCOSU4MyVFMCVCOCU5OSVFMCVCOCU4MSVFMCVCOCVBMyVFMCVCOCVCOCVFMCVCOCU4NyVFMCVCOSU4MCVFMCVCOCU5NyVFMCVCOCU5RSVFMCVCOCVBRiUyMFdGSCUyMCVFMCVCOSU4MyVFMCVCOCU4QSVFMCVCOSU4OSVFMCVCOCU4QiVFMCVCOCVBRCVFMCVCOCU5RiVFMCVCOCU5NSVFMCVCOSU4QyVFMCVCOSU4MSVFMCVCOCVBNyVFMCVCOCVBMyVFMCVCOSU4QyVFMCVCOCU5QyVFMCVCOCVCNCVFMCVCOCU5NCVFMCVCOCU4MSVFMCVCOCU4RSVFMCVCOCVBQiVFMCVCOCVBMSVFMCVCOCVCMiVFMCVCOCVBMiElMjAtJTIwJUUwJUI4JUExJUUwJUI4JTk1JUUwJUI4JUI0JUUwJUI4JThBJUUwJUI4JTk5JUUwJUI4JUFBJUUwJUI4JUI4JUUwJUI4JTk0JUUwJUI4JUFBJUUwJUI4JUIxJUUwJUI4JTlCJUUwJUI4JTk0JUUwJUI4JUIyJUUwJUI4JUFCJUUwJUI5JThDIiwidXNlcl90ZF91cmwiOiJodHRwczovL3d3dy5tYXRpY2hvbndlZWtseS5jb20vaG90LW5ld3MvYXJ0aWNsZV81NjMzMzgiLCJ1c2VyX3RkX3BsYXRmb3JtIjoiV2luMzIiLCJ1c2VyX3RkX2hvc3QiOiJ3d3cubWF0aWNob253ZWVrbHkuY29tIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTY1OTIzMTAwNjQwNCwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&callback=_p6_96e7fb794592
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/matichonweekly_th.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.197.150 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 5a6b50e7af52623e36936efe55d693103c8760437feb56cb1d70ebc3bd7e8546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:07 GMT
Content-Encoding: gzip
Server: nginx/1.13.5
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 155 KB
43 KB 516ms
516ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/matichonweekly_th.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: a4f2cd1c2e40dfecb8433a6493d77517c97634b5e5b9b043865e90f6ee645c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jul 2022 07:26:58 GMT
Server: nginx
ETag: W/"b1f25c82791f286acb3b64a84a26f7bc"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: 7xrX9qCRUyqykwz6xpgCdhqodWIqG6jP
Expires: Sun, 31 Jul 2022 02:30:06 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 768ms
253ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxMywidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC4xMzQgU2FmYXJpLzUzNy4zNiIsInJfdXJsIjoiaHR0cHM6Ly93d3cubWF0aWNob253ZWVrbHkuY29tL2hvdC1uZXdzL2FydGljbGVfNTYzMzM4In0=&t=1659231006400
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:07 GMT
last-modified: Fri, 10 Jan 2020 11:34:08 GMT
server: nginx/1.13.5
etag: "5e186130-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 587ms
255ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC4xMzQgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoidGgucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1hdGljaG9ud2Vla2x5LmNvbSIsInVybCI6Imh0dHBzOi8vd3d3Lm1hdGljaG9ud2Vla2x5LmNvbS9ob3QtbmV3cy9hcnRpY2xlXzU2MzMzOCIsImxvYyI6Imh0dHBzOi8vd3d3Lm1hdGljaG9ud2Vla2x5LmNvbS9ob3QtbmV3cy9hcnRpY2xlXzU2MzMzOCJ9&t=1659231006405
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:07 GMT
last-modified: Fri, 10 Jan 2020 11:34:08 GMT
server: nginx/1.13.5
etag: "5e186130-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 524ms
254ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InRoLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Ind3dy5tYXRpY2hvbndlZWtseS5jb20iLCJ1cmwiOiJodHRwczovL3d3dy5tYXRpY2hvbndlZWtseS5jb20vaG90LW5ld3MvYXJ0aWNsZV81NjMzMzgiLCJ1aWQiOiJkOTA0MjAwMWJlYWMwZDcyNDE2MTY1OTIzMTAwNjQwMyIsInRkX3RpdGxlIjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCJ9&t=1659231006407
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:07 GMT
last-modified: Fri, 10 Jan 2020 11:34:08 GMT
server: nginx/1.13.5
etag: "5e186130-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK ivs-open-sans.css
player.ivideosmart.com/ivshotspots/fonts/ 20 KB
2 KB 8ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivshotspots/fonts/ivs-open-sans.css
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64e277a8a009d28ecfa2f584646e8eea8efac99bd5dc4c9fc2eb9b07179dcf46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA56-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 1075
Last-Modified: Tue, 27 Oct 2020 03:05:44 GMT
Server: AmazonS3
ETag: W/"29fa8d2441d3dca93c4bb5e22a04dafc"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=691200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: DumvrDyhv5KFqRtG7Xqw2KpVG1CvmockfqWMbEg8J-QyEzosvSAMEw==

POST
H2 200 /
track.adform.net/csimpr/ Frame CCD0 35 B
503 B 28ms
27ms Ping
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=53578336&csi=1Rz8_0v_WeCTSxBWIZbBmcBU-aJbydRm56ozhk9pkmDrygPkIxxfk5f1PlFw0G8S9KYh_Fu_GTRA_KVkxzhcQGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:06 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 51855123.png
s1.adform.net/Banners/51855123/ Frame CCD0 78 KB
78 KB 19ms
19ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/51855123/51855123.png?bv=1
Requested by: Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6da8ecfa2f77607a7d1a9ade762d6422a34f241dfdedd854dc9839933ce6ee66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
last-modified: Thu, 26 May 2022 19:03:28 GMT
server: nginx
x-amz-request-id: tx00000000000005aac5ada-0062e5c8a3-323354ba-default
etag: "9869ac5e79b53032129d09f41ed74c04"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 79853

POST
H2 200 /
track.adform.net/csimpr/ Frame 1D8B 35 B
503 B 28ms
27ms Ping
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=54736914&csi=pc4annrYklAiqhtq-3aFW7HiAMWV9_jZuzOJYom2HRLrygPkIxxfk_zfqhOtjF1gsVJwDvvGYiErTbiLU4bFzGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:06 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 52957007.png
s1.adform.net/Banners/52957007/ Frame 1D8B 42 KB
42 KB 19ms
19ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/52957007/52957007.png?bv=1
Requested by: Host: 3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: aad8e52435bbf0b56092d8f6e923bef6685e87f80ed10d8cd64b78c64a7373c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:06 GMT
last-modified: Tue, 24 May 2022 14:04:47 GMT
server: nginx
x-amz-request-id: tx00000000000005ad197bf-0062e5c707-323350c8-default
etag: "35131fa93796c778240f72568fff7617"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 42941

GET
H2 200 / Show response
graph.facebook.com/ 231 B
639 B 80ms
28ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&callback=_grf_2645607421132872

Requested by

Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-matichonweeklycom.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1677303bcd387e2270564b14b34621e7b240f91429be28fff78695b2ef3b747

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1005942984
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ektQp5+3Trj/MWpiwJynnNM1rJxB7GYxefCVCPPBAXrN4BQlKsJOgD2ItlWm92sHiWlEqio9DOd0BOgmSUxlfA==
x-fb-trace-id: CIxvjYrMVfa
date: Sun, 31 Jul 2022 01:30:07 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A5pQS_dPKD_GzIJ_caf3yDA
cache-control: no-store
facebook-api-version: v7.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 share.php Show response
vk.com/ 21 B
567 B 135ms
50ms Script
text/html 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&index=0

Requested by

Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-matichonweeklycom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

kittenx / KPHP/7.4.111734

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:07 GMT
content-encoding: gzip
x-frontend: front225206
server: kittenx
x-powered-by: KPHP/7.4.111734
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 41

GET
H2 200 dk Show response
connect.ok.ru/ 25 B
2 KB 194ms
48ms Script
application/javascript 217.20.155.208
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338

Requested by

Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-matichonweeklycom.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip208.155.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:07 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 main.19.8.335.js Show response
static.adsafeprotected.com/ 193 KB
60 KB 71ms
9ms Script
application/javascript 2600:9000:214f:8c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.335.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=931153&advId=Dable&campId=IAS_Test_Campaign_Apr2021&adsafe_par&bidurl=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca8f5b527f7b05cc197be6a570581130a8c18cbb7fc102c5818cce3fa7a199b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 15:55:57 GMT
content-encoding: gzip
age: 207250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Jul 2022 07:03:33 GMT
server: AmazonS3
etag: W/"74598d65d04c1983f5c3b79a038ac65b"
vary: Accept-Encoding
x-amz-version-id: QcdRgQdWB6J1rHL.kt_hpInWIdvckEYm
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: rTx0h125ZElT7QBVJcitRvnrxVYkAzr3HYaP3ETbY5ZTyUC8xnNg6g==

GET
H2

201

/ Show response
api.quantumgraph.com/web/cm/
Redirect Chain

https://api.quantumgraph.com/web/cm/
https://gocm.c.appier.net/qg?a_i=/web/cm/?from=dback
https://api.quantumgraph.com/web/cm/?from=dback&qaid=vuVCJuiWX6dFyx82OYb_0Q&noredir=1

36 B
379 B

255ms
255ms

XHR
application/json

18.138.171.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.quantumgraph.com/web/cm/?from=dback&qaid=vuVCJuiWX6dFyx82OYb_0Q&noredir=1
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Server: 18.138.171.139 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-171-139.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash: cc4a4e57220edd8226ec13e560303de81fc6222356bd35df5cb4ebbfbbe1c289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
server: Jetty(9.3.9.v20160517)
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
content-length: 36
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 31 Jul 2022 01:30:08 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://api.quantumgraph.com/web/cm/?from=dback&qaid=vuVCJuiWX6dFyx82OYb_0Q&noredir=1
cache-control: no-store
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
content-length: 116

GET
H2 200 aa.js Show response
jscdn.appier.net/ 52 KB
20 KB 61ms
18ms Script
text/javascript 34.111.114.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jscdn.appier.net/aa.js?id=matichonweekly.com
Requested by: Host: cdn.qgraph.io
URL: https://cdn.qgraph.io/v3/r/aiqua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.114.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.114.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5618af731dc478d20e8a62fd09850f4592a353adb7cee7d899ca475811e06d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:45:36 GMT
via: 1.1 google
server: nginx
age: 31471
etag: W/"403b1e83addec1a3b250e3194e5d8a18"
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=0
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19920

GET
H2 200 list Show response
a.th.giraff.io/rtb/match/ 55 B
557 B 524ms
164ms XHR
text/plain 23.106.249.95
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.th.giraff.io/rtb/match/list
Requested by: Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-matichonweeklycom.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: nginx /
Resource Hash: 68373eec97343cf05d245626b50d5afad969c2384fd23eb1a7be48cfb449a39b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.matichonweekly.com
access-control-max-age: 1728000
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4AC6 42 B
64 B 103ms
49ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuH02rf-rBWAZM5geQg7P0sEBc1HccbKb-lJ2XES9JGpIZb729LZV8xFrDxDmw9FFJf9sfRkvqI2M1gVtA_3Oj2ew4&sig=Cg0ArKJSzLT6XMEa2WtNEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220727&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=583376598&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659231005449&rpt=290&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C605 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMKa1SspTkHDJeCGyFemGgU0rb8PA2PolN3manldDa9pxJ8mCw2vRD5f0LbJ43fAEw5IAno_TbTDDb_gwdnfUhtfc&sig=Cg0ArKJSzIEinna7sRMcEAE&id=lidar2&mcvt=1000&p=241,250,331,978&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220727&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=643394631&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659231005430&rpt=387&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame 5382 830 B
807 B 8ms
7ms Stylesheet
text/css 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 04:12:45 GMT
Server: Apache
x-amz-request-id: 39705653E55C092C
ETag: "7570769c6f4af63877b73ce88e833efe"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Date: Sun, 31 Jul 2022 01:30:06 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: DOzmg67Fma9HnGFjJ5TLfsqP8B8E5vrsM12A36fgMiYAhmQWEDH/9rAcO1X1AG55m5F0KEmQ/BA=

GET
H/1.1 200
OK widget.v2.min.css
static.dable.io/dist/ Frame 5382 13 KB
4 KB 15ms
7ms Stylesheet
text/css 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.v2.min.css?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d86c8d510fc7334badac90c7e5413bac08c068cb403e85f49e299c13895fe113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: i1vBFAb888FUxvTqQ.wEtcmM5r9D8F30
Content-Encoding: gzip
Last-Modified: Wed, 23 Jun 2021 08:27:13 GMT
Server: Apache
x-amz-request-id: H3GPB0KH3X70A3NC
ETag: "229cc68f6258d0aa0bef6b143d748991"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Date: Sun, 31 Jul 2022 01:30:06 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3373
x-amz-id-2: DVlYRSu7cXPH2d7rAIquNBLLLChGnH4a06ClpLZanXkHTaNJjMyCcmlHv1VwyzpvfV36Vbc6r2o=

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame 5382 83 B
611 B 20ms
7ms Image
image/png 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: A74E3AC9B94295FA
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Date: Sun, 31 Jul 2022 01:30:06 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: NCjPtdq8kaPGqc6TpUypjvIKhhX0jc88Y2RUNlDJzr3pWjlms5hXpoLorAtlfetNnuUvbga2nlk=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 5382 95 KB
34 KB 58ms
23ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 01:11:51 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame 5382 56 KB
18 KB 20ms
7ms Script
application/javascript 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 944146ef126e70cb54d0e7e925f81b68d9a7dc885a8b4f21adc5b684884f4e5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: naPJNEOKHCrklou5HNv8dZuB4kbl.Hff
Content-Encoding: gzip
Last-Modified: Tue, 14 Jun 2022 02:19:11 GMT
Server: nginx/1.20.0
x-amz-request-id: ST9XWV3S3SM2M2FR
ETag: "32d556867498bb7efa5eab2be1c460fe"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Date: Sun, 31 Jul 2022 01:30:06 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17721
x-amz-id-2: gG9es0goPGolLkAJS1AAfr5oX0OdMHrAK7G18DzjtYvXzDGZj1VuAJGbG1S90OY6txHHxvbgg5E=

GET
H2 200 css2
fonts.googleapis.com/ Frame 5382 7 KB
1 KB 94ms
38ms Stylesheet
text/css 2a00:1450:4014:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sarabun:wght@100;200;300;400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6d20032c4fc0c7b9ef1b30b5788dba3ec59e9175bc66a1c78dd872accb5e062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 01:30:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 31 Jul 2022 01:30:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Jul 2022 01:30:06 GMT

GET
H2 200 3001652-2067283-240-180.m3u8 Show response
3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/ 488 B
1016 B 725ms
725ms XHR
application/vnd.apple.mpegurl 2600:9000:206f:4800:13:dd95:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/3001652-2067283-240-180.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:13:dd95:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02596787bdfdd5ad9150e4ed2ac1c3e3c1d6fec89fe1378e705d3ee370faa80f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 488
last-modified: Tue, 07 Jun 2022 04:06:15 GMT
server: AmazonS3
etag: "dec2a6db386997a030df19420d0dcbe7"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://www.matichonweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: vU-ewtmun3A_5lw4o63YVUslHR3GoTR7r9mO5Urvs-903PREQoaXlA==

GET
H/1.1 200
OK logo-text-tiny-gray.png
images.dable.io/static/i/ Frame 5382 661 B
1 KB 44ms
7ms Image
image/png 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.v2.min.css?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "2260fca7dca92761058aace21a176daa"
x-amz-request-id: 35CC7113A1175327
Connection: keep-alive
Content-Length: 661
x-amz-id-2: U4W2TbYFM14WY5X5PIAvx3BT459MKI06wmRY8JX2RnzHWJbbcfoziygigIRtHm+hRZd7CjRYx2w=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Sun, 31 Jul 2022 01:30:06 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 DtVmJx26TKEr37c9YK5silss6w.woff2
fonts.gstatic.com/s/sarabun/v13/ Frame 5382 10 KB
11 KB 87ms
21ms Font
font/woff2 2a00:1450:4014:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v13/DtVmJx26TKEr37c9YK5silss6w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sarabun:wght@100;200;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ac242ca01033f140f43a397a96e72c8ce6d3c241bd58353aba0dc9d0822f59d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.dable.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 02:36:18 GMT
x-content-type-options: nosniff
age: 428029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10660
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:30:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 02:36:18 GMT

GET
H2 200 DtVmJx26TKEr37c9YK5sik8s6zDX.woff2
fonts.gstatic.com/s/sarabun/v13/ Frame 5382 9 KB
10 KB 91ms
25ms Font
font/woff2 2a00:1450:4014:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v13/DtVmJx26TKEr37c9YK5sik8s6zDX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sarabun:wght@100;200;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e53442748a876d664005ea82f14fe894211f54adab26f33e9eb4e332c68b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.dable.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 01:52:31 GMT
x-content-type-options: nosniff
age: 85056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:56:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 01:52:31 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 23C9 0
127 B 20ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:06 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame D357 0
127 B 20ms
17ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:06 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2

200

sync
code.yengo.com/
Redirect Chain

https://s.uuidksinc.net/match/480/?remote_uid=417644797
https://code.yengo.com/sync?dsp=kadam&id=at9CSRw6rIkZIW13dqda

43 B
341 B

501ms
162ms

Image
image/gif

23.106.249.95
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.yengo.com/sync?dsp=kadam&id=at9CSRw6rIkZIW13dqda
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Server: 23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:07 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

Redirect headers

location: https://code.yengo.com/sync?dsp=kadam&id=at9CSRw6rIkZIW13dqda
date: Sun, 31 Jul 2022 01:30:07 GMT
server: nginx/1.19.0
content-length: 0

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 9E52 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:214f:8c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 6540934
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: eVbzlt7xVbQeNmIlu3YNCc9HUH_SUrptPXVzrO_aTob5Mp4Ys8c42Q==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 43ms
43ms Image
image/gif 52.19.54.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931153&advId=Dable&campId=IAS_Test_Campaign_Apr2021&adsafe_par&bidurl=null&adsafe_url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.matichonweekly.com%2F&adsafe_type=f&adsafe_jsinfo=,id:a86ad1d1-7953-3872-cff6-b97b5c6df4e1,c:jU7AxE,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-885bc694d-q9lff,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1600.5850,am:a,cc:0.0.1600.5850,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:publ1.grpm1,mtim:871,mot:0,app:0,maw:0,fm:td7Kd5b+1*.931153%7C11%7C12%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:905,oid:4ee3d8e6-1070-11ed-bd21-162eb4258195,v:19.8.335,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.54.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-54-25.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:07 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 279ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931153&asId=a86ad1d1-7953-3872-cff6-b97b5c6df4e1&tv=%7Bc:jU7AxF,pingTime:-8,time:906,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:906,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:904,wc:0.0.1600.1200,ac:0.0.1600.5850,am:a,cc:0.0.1600.5850,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~1600.5850%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:td7Kd5b+1*.931153%7C11%7C12%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 01:30:07 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 269ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931153&asId=a86ad1d1-7953-3872-cff6-b97b5c6df4e1&tv=%7Bc:jU7Ay4,pingTime:-2,time:931,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:4479,bdZ:4632,beA:4640,beZ:4641,mfA:5511,cmA:5512,inA:5512,inZ:5516,prA:5516,prZ:5523,si:5545,poA:5547,poZ:5560,cmZ:5560,mfZ:5560,loA:5566,loZ:5566,ltA:5571,ltZ:5571,mdA:4642,mdZ:5484%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1600,h:5850,t:905%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:931,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:904,wc:0.0.1600.1200,ac:0.0.1600.5850,am:a,cc:0.0.1600.5850,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~1600.5850%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:td7Kd5b+1*.931153%7C11%7C12%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,slid:%5B%5D,sinceFw:23,readyFired:true%7D&br=c
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 01:30:07 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 impression
r-log.dable.io/s/matichonweekly.com/u/71941740.1659231006062/ Frame 5382 35 B
140 B 284ms
283ms Image
image/gif 3.34.229.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-log.dable.io/s/matichonweekly.com/u/71941740.1659231006062/impression?source=563338&pick=&rm=50.1.1&cm=0.0.0&channel=PC_Bottom.standard&reco_type=hot-items&cid=71941740.1659231006062&widget_id=57wjnOo8&request_id=ywmg8A69rhyjn1vw&reco_list_lz=NobwRAlgJmBcYFYAcAWAbGgDGANGAtgKYAuAFgPYzwKYB0AjA2AL47jRyJL1ICcSuAiQpVEdRvRZtIo5CgDsmAXiJlKnGgyat2s1GgSSVw9dXHbpHaqgQJeg1SI3nJOmRqQBmAEy8jQtVkXKV0PFBReeQcTIK1XSz0UeiVowOc4kPdrHyxUpzMMtysuBUxsYzSCiUzihHleO0880zFChLCEdGbY6qLEtAVu9N726ySaIaqLUOy0JGUA-NaRmcR6%2BW9-RxbNFaySmjRJ5en9uVstmOHT2q9vX2Pdm71PJARvR%2BDmAF0gA&uri=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&is_gif=1
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.34.229.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-229-18.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:07 GMT
server: nginx/1.20.0
content-length: 35
content-type: image/gif

GET
H2 200 request
sp-api.dable.io/services/matichonweekly.com/users/71941740.1659231006062/campaigns/57WknmO6PH0q/contents/369gROYR5Cxj/ Frame 5382 35 B
108 B 888ms
308ms Image
image/gif 3.37.25.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/matichonweekly.com/users/71941740.1659231006062/campaigns/57WknmO6PH0q/contents/369gROYR5Cxj/request?q=N4IgxglgJiBcIHYCMBOALEhaAMA6JAbAKwoBMAzEttgTaSADQgDu0A5gKYAuA%2BtHCCIJmAKwB2AeQD2ADkYgAThwCOAVw4BnXv3gBPZgFs2MgIIEUCgBa7xSAG7N5StZt5cIBjnEIkKVGgikKEwaUqoKYF7wRATkcXJMnlyWUjDwSPi42PJglgCGYmIcADYCAAoAwjwAQlJcXFIGuFoFUHkKMEwcAB4ADhBKaSAAyqpiAAQAUqrF45TjpNikpOPYSLDk2LA04wDiALIAKgDU1NTy4RAClvW9GrAA9A-ML7gGee65UmLMHBwA1sVdLgwI0HikuABaIrMDQPdqfYocHgxOLkBIgCBiOwcMQNBS6PhDKjkNBEAA%2BQlEklk8gaXDyxR4vTynG8TBZbNgSBCEAAXlFSCFinV2YoCv84NgmBAuBwDDwwB8BIAgOEAEnCAJjhAORwgAE4QAocGrAJhw8gARqlCUixGxknBSAgUAQAL5AA&is_gif=1
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.37.25.164 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-37-25-164.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
content-type: image/gif
server: nginx

GET
H2 200 request
sp-api.dable.io/services/matichonweekly.com/users/71941740.1659231006062/campaigns/369qGERQocoQ/contents/J8Pn2JlWgTp6/ Frame 5382 35 B
109 B 879ms
300ms Image
image/gif 3.37.25.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/matichonweekly.com/users/71941740.1659231006062/campaigns/369qGERQocoQ/contents/J8Pn2JlWgTp6/request?q=N4IgxglgJiBcIHYCMBOALEhaAMA6JAbAKwoBMAzEttgTaSADQgDu0A5gKYAuA%2BtHCCIJmAKwB2AeQD2ADkYgAThwCOAVw4BnXv3gBPZgFs2MgIIEUCgBa7xSAG7N5StZt5cIBjnEIkKVGgikKEwaUqoKYF7wRATkcXJMnlyWUjDwSPi42PJglgCGYmIcADYCAAoAwjwAQlJcXFIGuFoFUHkKMEwcAB4ADhBKaSAAyqpiAAQAUqrF45TjpNikpOPYSLDk2LA04wDiALIAKgDU1NTy4RAClvW9GrAA9A-ML7gGee65UmLMHBwA1sVdLgwI0HikuABaIrMDQPdqfYocHgxOLkBIgCBiOwcMQNBS6PhDKjkNBEAA%2BQlEklk8gaXDyxR4vTynG8TBZbNgSBCEAAXlFSCFinU4ELFAV-uzMVwOAYeGAPgJAEBwgAk4QBMcIByOEAAnCAFDhVYBMOHkACNUoSkWI2MkxQgUAQAL5AA&is_gif=1
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.37.25.164 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-37-25-164.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/57wjnOo8/users/71941740.1659231006062?from=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&ref=&cid=71941740.1659231006062&uid=71941740.1659231006062&site=matichonweekly.com&id=dablewidget_57wjnOo8_WXp4M4XY&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&ad_params=%7B%7D&item_id=563338&item_pub_date=2022-06-07T08%3A29%3A53%2B00%3A00&pixel_ratio=1&client_width=694&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
content-type: image/gif
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 263ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931153&asId=a86ad1d1-7953-3872-cff6-b97b5c6df4e1&tv=%7Bc:jU7Az9,time:998,type:e,im:%7Bimprf:%7Bttecl:1128,ecd:44,tsecr:3%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:998,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:904,wc:0.0.1600.1200,ac:0.0.1600.5850,am:a,cc:0.0.1600.5850,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B124~0%5D,as:%5B124~1600.5850%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:td7Kd5b+1*.931153%7C11%7C12%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 01:30:07 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D8B 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOtq-z7OAvCgmMdrvKVh5urtkFAUSguXIVEKDDaZWArNMGqBfcfZ2VL7jj2l-uLwycziJ5X14Bj7pezYcqMGdQvniM&sig=Cg0ArKJSzPInoDTzXFeWEAE&id=lidar2&mcvt=1002&p=459,1004,709,1304&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220727&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=546588198&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659231005616&rpt=860&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1D8B 35 B
503 B 30ms
27ms Ping
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5514431867155879621@@54736914,190916884924567640,100|1102|0|0|0|0|0|0|0||43|1|||||1|0|0|Zx-7hHJ1MvNX7EYoWZQhUbPeTr-2FSpSWXHi9_ClflFAyVEzoo3CNRhpnBRkvb3lA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame 1D8B 35 B
303 B 30ms
28ms Image
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=54736914&event=178&time=2&baid=52957007&name=Viewable%20impressions&imprid=190916884924567640&icid=5514431867155879621&eData=pc4annrYklD8VXBZXJ5GTnFN-4BJGBoe4fn4X_ACi5g4s7-ut3v2iHdOqQBNr3h8p23XajvmhZ0au94oJsHc8Q2&rtbdata=jMNqeDmYZHgaSzoTe8HMNl6arq47-yp4WFtVPkKUFOa48WMjzfw3ud6SuHUpcfH_B0Zv1VhWI66OvFbjh7gQ6ufKzgBhh6_DAIjiNGvCUiREZkQGlo2dbo6EVxbDdz9US26aUDwjug3YrsYTr2JOiOMZ3YqXnzHD2Myw-FS0YBo-RWxoQJMbwVPjUPNFVW_dBLNIu_zkaMC2u77HrKq3g9cTvEtvGttzS753wsUDWBO7xqb19ALBAfR0smSI_CFaEcf9rQ6MP4nz9rXqFQxLjR6lrPVpjaIB_G8f7NSXBwg9XkpDYjqXI7ymL2oqizCPcPokOIQ91jy6bQUpVuWVj8N4iOtIBxgX0&rtbwp=YuXbHQADmaYK4GiBAA8IVRNcumCueU99SoHovQ&rnd=925929296

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:07 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H2 200 3001652-2067283-240-180-0000.ts Show response
3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/ 80 KB
81 KB 773ms
772ms XHR
video/mp2t 2600:9000:206f:4800:13:dd95:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/3001652-2067283-240-180-0000.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:13:dd95:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76aecb3c9ebe74d9adb2ec0d106647d92b2d0924730fe95c51790a7c622b6c52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:09 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 82344
last-modified: Tue, 07 Jun 2022 04:06:15 GMT
server: AmazonS3
etag: "0799b41f5d1474359cf14a0c4d3af80f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: video/mp2t
access-control-allow-origin: https://www.matichonweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: sH8SzB8mxwZnHQm6RRkRNb2NyeUlWIYsPelvtjRbtfeGEjb9ABaPbw==

GET
BLOB 200
OK 1b963faa-6999-45bf-a796-00763adf8410
https://www.matichonweekly.com/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.matichonweekly.com/1b963faa-6999-45bf-a796-00763adf8410
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 87ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931153&asId=a86ad1d1-7953-3872-cff6-b97b5c6df4e1&tv=%7Bc:jU7ADp,pingTime:-10,time:1262,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuMTM0IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1659231007747%7C%7C473e026c5a7db7e03fb5f65b8fc279bc%7C%7Cdf92c9cff360bda3eafa3e94d6152ec7%7C%7C3376f97fc78657bb505fc218751f863a%7C%7C73b92851c20ff6e2c0ffbd83a23ef731%7C%7Ca5939d425a21487b9bd2e8b588995622%7C%7Cf31bfb767e356f50a37edfb99f08802f%7C%7C98768f1acf9f96b27b5451c25a5c3277%7C%7C1629390669%7D
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 01:30:07 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 450ms
100ms Script
application/javascript 34.199.182.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1659231008078&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6IjUzX2ZlZWRfd2l0aF9zel9wYyIsInRpbWVfc2hvd19zZWNvbmRzIjoyLCJyZXF1ZXN0X2FkIjoxMCwiZG1mIjoibSIsInJlc3BvbnNlX2FkIjoxMCwic21qYWQiOjAsImFwaV9ob3N0IjoidGgucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1hdGljaG9ud2Vla2x5LmNvbSIsInVybCI6Imh0dHBzOi8vd3d3Lm1hdGljaG9ud2Vla2x5LmNvbS9ob3QtbmV3cy9hcnRpY2xlXzU2MzMzOCIsImxvZ2lkIjoiYTgxMmJjZTktZmI3OS00ZDkwLTg4ZmYtMDJiNzZhZDI1N2E5IiwidWlkIjoiZDkwNDIwMDFiZWFjMGQ3MjQxNjE2NTkyMzEwMDY0MDMiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJlMmVjM2I1NC05NGU3LTQ3OTgtODdmOS1jODMzOWY4YzU0NjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi4Lia4LiBLiDguJvguK3guKgu4Lie4LiaIOC4meC4seC4geC4reC4reC4geC5geC4muC4muC5g%2BC4meC4geC4o%2BC4uOC4h%2BC5gOC4l%2BC4nuC4ryBXRkgg4LmD4LiK4LmJ4LiL4Lit4Lif4LiV4LmM4LmB4Lin4Lij4LmM4Lic4Li04LiU4LiB4LiO4Lir4Lih4Liy4LiiISIsInRkX3VybCI6Imh0dHBzOi8vd3d3Lm1hdGljaG9ud2Vla2x5LmNvbS9ob3QtbmV3cy9hcnRpY2xlXzU2MzMzOCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC4xMzQgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoid3d3Lm1hdGljaG9ud2Vla2x5LmNvbSIsInRkX3BhdGgiOiIvaG90LW5ld3MvYXJ0aWNsZV81NjMzMzgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6ImUyZWMzYjU0LTk0ZTctNDc5OC04N2Y5LWM4MzM5ZjhjNTQ2MCIsImNvbW1vbl9jYXRlZ29yeSI6InNvY2lhbCIsImNhdGVnb3J5Ijoi4LiC4LmI4Liy4Lin4LmA4LiU4LmI4LiZIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.182.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-182-125.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:08 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H/1.1 200
OK 49caef8578be88cbbf9e62dc773512ba_160.jpg
imageaws.popin.cc/article/ 48 KB
48 KB 1255ms
495ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/49caef8578be88cbbf9e62dc773512ba_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: b41160aa7e40734b42b924d6394e802b511ad2a732eaf3dcb1c8d30e4b2043f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:08 GMT
Last-Modified: Sat, 30 Jul 2022 13:19:40 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "d56dbc518aba5c38503c64a2b79baadc"
X-Cache-Status: HIT from 10.252.44.28
x-amz-version-id: .nq4xbXqAbJhRdQJtXb9s.poNxRrUA_y
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 48979
Expires: Mon, 31 Jul 2023 01:30:08 GMT

GET
H2 200 2755eb42df9447028616b8515371a112.png
d2cli4kgl5uxre.cloudfront.net/ML/ 34 KB
35 KB 99ms
71ms Image
image/png 2600:9000:211e:3800:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/2755eb42df9447028616b8515371a112.png
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3800:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d113270b0085beaea8236b480a8c85af4b7bc0447e32c8c6e081d729c0405a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified: Thu, 28 Jul 2022 11:14:34 GMT
server: AmazonS3
age: 67453
etag: "2755eb42df9447028616b8515371a112"
x-cache: Hit from cloudfront
content-type: image/png
date: Sat, 30 Jul 2022 11:36:19 GMT
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 34991
x-amz-cf-id: G6UR7PaEStjQh9P4LcFyiZZWSI3nRg9elCwz3jc2eQre3Owxr-D_sQ==

GET
H/1.1 200
OK 99aaa6a6722e02183198d2e76be0e4c5_160.jpg
imageaws.popin.cc/article/ 32 KB
33 KB 1256ms
498ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/99aaa6a6722e02183198d2e76be0e4c5_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: d27e325ac01eb2db9f69f39f1000c9a431bc4adb1e82c9c429c54eb3e0779281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:08 GMT
Last-Modified: Thu, 28 Jul 2022 05:52:14 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "9a4803d9673412b4f99872afb04395ad"
X-Cache-Status: HIT from 10.252.43.26
x-amz-version-id: MCa9D065x1uVPgwKOnWDqVUSs4V5yGAz
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 32835
Expires: Mon, 31 Jul 2023 01:30:08 GMT

GET
H2 200 d4e68fadc6a913f7405cb82d8a5f2fc0.gif
d2cli4kgl5uxre.cloudfront.net/ML/ 431 KB
432 KB 96ms
71ms Image
image/gif 2600:9000:211e:3800:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/d4e68fadc6a913f7405cb82d8a5f2fc0.gif
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3800:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: faf6a88aa31dff0fa1d61fbcf1a1bdc1151b81157e830f9722d0dea7dcdf451d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified: Tue, 12 Jul 2022 08:15:19 GMT
server: AmazonS3
age: 63801
etag: "d4e68fadc6a913f7405cb82d8a5f2fc0"
x-cache: Hit from cloudfront
content-type: image/gif
date: Sat, 30 Jul 2022 07:49:31 GMT
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 441452
x-amz-cf-id: QHAiosPjYAdh1rZMeZm2-25oPmcELQhTEf5W1LdeMp9K7XdBrYwYHw==

GET
H/1.1 200
OK 2a27bfd67d58e032e503a71a1bf7c5da_160.jpg
imageaws.popin.cc/article/ 21 KB
22 KB 1256ms
499ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/2a27bfd67d58e032e503a71a1bf7c5da_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: c36212a9f246a9e5b25d86c5df839302435bc23f527ea7649b75e223f080ed11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:08 GMT
Last-Modified: Tue, 26 Jul 2022 02:19:15 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "d0cc59fde2264ccc6ba44dd44ecca8b8"
X-Cache-Status: HIT from 10.252.44.28
x-amz-version-id: JYMOfQBWB.2em2PmXeHh8JKQtRISCMJH
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 21599
Expires: Mon, 31 Jul 2023 01:30:08 GMT

GET
H2 200 eda95c98a2247c75d5442853e9687930.gif
d2cli4kgl5uxre.cloudfront.net/ML/ 4 MB
4 MB 31ms
8ms Image
image/gif 2600:9000:211e:3800:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/eda95c98a2247c75d5442853e9687930.gif
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3800:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4cd66a56163bc8fc2d0b3aaffdad70c997e95fb8dec978e09bf0f05574688ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 07:38:34 GMT
server: AmazonS3
age: 65336
etag: "eda95c98a2247c75d5442853e9687930"
x-cache: Hit from cloudfront
content-type: image/gif
date: Sat, 30 Jul 2022 07:22:30 GMT
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 3924870
x-amz-cf-id: O4aduQnOBn_MwE8ZNtEHoPZaeQolpBPM3BaNd1-lJlPccvOGqNeq0w==

GET
H/1.1 200
OK 6a357d1ed3cea7889d24d820816e6a90_160.jpg
imageaws.popin.cc/article/ 19 KB
20 KB 1276ms
508ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/6a357d1ed3cea7889d24d820816e6a90_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 3fe5d81f649921471284c6867e9eedd92925f629f3cd5a68735a6ceace449ad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:08 GMT
Last-Modified: Fri, 29 Jul 2022 08:57:04 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "828ee1399d275711e6cb393a40be1cdc"
X-Cache-Status: HIT from 10.252.44.28
x-amz-version-id: embBKBdmdsLv0dhyVgJR1gNOyiESRZEA
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 19904
Expires: Mon, 31 Jul 2023 01:30:08 GMT

GET
H/1.1 200
OK 5cc751f214162997ea5ac124ff1b179f.jpeg
imageaws.popin.cc/discovery/ 30 KB
31 KB 1307ms
515ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/discovery/5cc751f214162997ea5ac124ff1b179f.jpeg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: d63aa579bc22aae521900160eb59d7bbecb007d60a48c90c217ed00044be7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:09 GMT
Last-Modified: Tue, 07 Dec 2021 09:44:03 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "e411d0937670d2453697b3f990f5479f"
X-Cache-Status: HIT from 10.252.44.28
x-amz-version-id: OIgGV_CcoK34ykGXxswzi_0Frvp78Z8F
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 31020
Expires: Mon, 31 Jul 2023 01:30:09 GMT

GET
H/1.1 200
OK 5245027a441b35ae4542a688e4abbc2d_160.jpg
imageaws.popin.cc/article/ 36 KB
36 KB 1309ms
517ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/5245027a441b35ae4542a688e4abbc2d_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: cbd10cb21b369754d1ee913922c1e56e43568dc82a513e3d8ff94c0883ca029a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:09 GMT
Last-Modified: Thu, 21 Jul 2022 09:54:33 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "78c1617705c5377eed6150ee9f90d5a4"
X-Cache-Status: HIT from 10.252.43.26
x-amz-version-id: NAx4UlS5wJ.RqZZouq0NvqHCskz5lQq4
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 36721
Expires: Mon, 31 Jul 2023 01:30:09 GMT

GET
H2 200 d53842f80f6a81e20ebd14982588f36a.png
d2cli4kgl5uxre.cloudfront.net/ML/ 138 KB
138 KB 72ms
71ms Image
image/png 2600:9000:211e:3800:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/d53842f80f6a81e20ebd14982588f36a.png
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3800:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88e905c74aa8214333eed33d4c21da22647b931cd42dd72f4aa12b91940c0abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified: Tue, 12 Jul 2022 06:42:51 GMT
server: AmazonS3
age: 84082
etag: "d53842f80f6a81e20ebd14982588f36a"
x-cache: Hit from cloudfront
content-type: image/png
date: Sat, 30 Jul 2022 03:41:12 GMT
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 140960
x-amz-cf-id: PU9TzEWtb40NIkMqe8nn-Z1c4qEaf_UTFuL-1OMACc9rw1QCYuMruA==

GET
H/1.1 200
OK ba27a0051a07416fc91c8b21813d259a_160.jpg
imageaws.popin.cc/article/ 35 KB
35 KB 509ms
509ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/ba27a0051a07416fc91c8b21813d259a_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: b2e74dfcaff5e1438c1c72ad3888acf062a4566b136b158a371e46784422a290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:09 GMT
Last-Modified: Sat, 30 Jul 2022 23:04:55 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "5c75eca61ea3f680f22a222ce04ec403"
X-Cache-Status: HIT from 10.252.44.28
x-amz-version-id: .P0rGz_pou7Q8_90Nv.Oq87H5OnlDk9F
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 35742
Expires: Mon, 31 Jul 2023 01:30:09 GMT

GET
H2 200 20a880a4b7dfb901ff62869dc7c36d61.png
d2cli4kgl5uxre.cloudfront.net/ML/ 39 KB
40 KB 73ms
72ms Image
image/png 2600:9000:211e:3800:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/20a880a4b7dfb901ff62869dc7c36d61.png
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3800:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9dda059e8035161599612e3148d50157203c46e1323b0233e067507007a0a04c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 11:34:04 GMT
server: AmazonS3
age: 79961
etag: "20a880a4b7dfb901ff62869dc7c36d61"
x-cache: Hit from cloudfront
content-type: image/png
date: Sat, 30 Jul 2022 11:35:33 GMT
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 40215
x-amz-cf-id: KlYHTCd1KGx2Uwv9Fa7fsNjcKCxNY6bsPZbocHfEDRvc3MD13Im5Jw==

GET
H/1.1 200
OK 52accaea7be68e88824b4ad5741555a1_160.jpg
imageaws.popin.cc/article/ 20 KB
20 KB 501ms
500ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/52accaea7be68e88824b4ad5741555a1_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 060be7d3aea9e633af3b04e95481eaf4faf22fcfdaa7ceafa3099a61851ed69f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:09 GMT
Last-Modified: Fri, 11 Mar 2022 18:21:24 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "30605871a79e3ab98a5a7b4d71da7f00"
X-Cache-Status: HIT from 10.252.44.28
x-amz-version-id: Lct9ujG0TMg31pYQhXwrCyEQm180qqiU
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 20071
Expires: Mon, 31 Jul 2023 01:30:09 GMT

GET
H2 200 39ac5ff2fa05962d7ca101d5076977d6.gif
d2cli4kgl5uxre.cloudfront.net/ML/ 3 MB
3 MB 73ms
71ms Image
image/gif 2600:9000:211e:3800:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/39ac5ff2fa05962d7ca101d5076977d6.gif
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3800:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 070db1576416726b781f5b7d6a977518d26dc10d590bf5e95d2ff28d4a2a9738

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified: Mon, 25 Jul 2022 12:30:33 GMT
server: AmazonS3
age: 74052
etag: "39ac5ff2fa05962d7ca101d5076977d6"
x-cache: Hit from cloudfront
content-type: image/gif
date: Sat, 30 Jul 2022 05:02:44 GMT
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 2715292
x-amz-cf-id: GmKtkXIeZxr_1IT4CK0vfyemb48_tm6s5Wc49UYiEqc395OrdOExPA==

GET
H/1.1 200
OK dcb2154d7c02d03dc8ec1e6a00524235_160.jpg
imageaws.popin.cc/article/ 34 KB
35 KB 500ms
499ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/dcb2154d7c02d03dc8ec1e6a00524235_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: d86d85e17d07c9075a1ae3b3b0beddfefe5767845c5a312d6f72bc2d7ee5391c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:09 GMT
Last-Modified: Sun, 27 Jun 2021 04:08:35 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "e4931868802efd0c34a68a413eb97766"
X-Cache-Status: HIT from 10.252.43.26
x-amz-version-id: lCMA.YVZIG9aunZu0.hmVDKeXK0r.MwP
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 35081
Expires: Mon, 31 Jul 2023 01:30:09 GMT

GET
H2 200 0955dd1c2f1f2a2d11e817078c372c35.gif
d2cli4kgl5uxre.cloudfront.net/ML/ 2 MB
2 MB 72ms
71ms Image
image/gif 2600:9000:211e:3800:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/0955dd1c2f1f2a2d11e817078c372c35.gif
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3800:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff3463f326af73ac0a2a4d2b900b0a5036910e01487f63e327314726133e83ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 13:53:47 GMT
server: AmazonS3
age: 73723
etag: "0955dd1c2f1f2a2d11e817078c372c35"
x-cache: Hit from cloudfront
content-type: image/gif
date: Sat, 30 Jul 2022 07:41:41 GMT
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 2247866
x-amz-cf-id: LPOFeep5t3Sr_XICmHAFGw-X-7e4pPANIhvg7xZ046Q21Of37TOZQg==

GET
H/1.1 200
OK 882558c6d83d0150e09727f7c0923b5f_160.jpg
imageaws.popin.cc/article/ 31 KB
32 KB 517ms
516ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/882558c6d83d0150e09727f7c0923b5f_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: cbe02aa76fac3236ba785f65834ca69bda89049848de74077dce32c9c6adc95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:10 GMT
Last-Modified: Sat, 30 Jul 2022 14:25:12 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "fd4ac5e6e376217231f892ea6ddb8dd9"
X-Cache-Status: HIT from 10.252.44.28
x-amz-version-id: rSOR3wZwkDpdZZ6mgd3ND8d2WZrsfnM2
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 32106
Expires: Mon, 31 Jul 2023 01:30:10 GMT

GET
H2 200 089eb04a85645b7cf299d16d670d4450.png
d2cli4kgl5uxre.cloudfront.net/ML/ 91 KB
91 KB 73ms
72ms Image
image/png 2600:9000:211e:3800:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/089eb04a85645b7cf299d16d670d4450.png
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3800:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd90411ecf6224d7345468d42de92c9d6d8fcf687590b01b47593031cfe392e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 06:11:25 GMT
server: AmazonS3
age: 69504
etag: "089eb04a85645b7cf299d16d670d4450"
x-cache: Hit from cloudfront
content-type: image/png
date: Sat, 30 Jul 2022 07:02:59 GMT
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 93119
x-amz-cf-id: BlMfqZksp2HbxyhjQUsrwI5rwqRsSEy_gBUdhrBdz2hU7FmReQZMag==

GET
H/1.1 200
OK 1fab0ee622b439a6dea1daa736941c5a_160.jpg
imageaws.popin.cc/article/ 28 KB
28 KB 521ms
520ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/1fab0ee622b439a6dea1daa736941c5a_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 7d0e37ab9fcf3593d37afef65574ef25dcbbcb7b80b8a1fc58c0b44a12b608c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:10 GMT
Last-Modified: Thu, 28 Jul 2022 16:14:34 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "df81f1ff340b3abfda3bb476b36e3b12"
X-Cache-Status: HIT from 10.252.43.26
x-amz-version-id: vYmbJeXnOC_77KswHxZvTVwSf51NVx0.
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 28168
Expires: Mon, 31 Jul 2023 01:30:10 GMT

GET
H2 200 9bf62cb50eff92080769020a4e225997.png
d2cli4kgl5uxre.cloudfront.net/ML/ 31 KB
32 KB 73ms
72ms Image
image/png 2600:9000:211e:3800:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/9bf62cb50eff92080769020a4e225997.png
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3800:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f0529bcb85bf4415a28735aef7edd93bf9e4ddb0d82da5e676bb9a4337c2949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 04:03:19 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 12:51:21 GMT
server: AmazonS3
age: 77210
etag: "9bf62cb50eff92080769020a4e225997"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: image/png
content-length: 32229
x-amz-cf-id: 47MnFCyy55EDRuopq1rARFrKyIHjhGWENMHK9honChe_cMSxI86hkw==

GET
H/1.1 200
OK b52af2471ab88d7753dd167a8c79197e_160.jpg
imageaws.popin.cc/article/ 21 KB
22 KB 496ms
495ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/b52af2471ab88d7753dd167a8c79197e_160.jpg
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: e440e5b3c3ed7628536f43b299590e0695b040f78079a6622512389f5d2ffd9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:10 GMT
Last-Modified: Sun, 07 Nov 2021 07:49:21 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
ETag: "c3f5237c20f008d523ec4abc73b90394"
X-Cache-Status: HIT from 10.252.44.28
x-amz-version-id: JU7l8oR4llHEFhBr82yxFpnMB6a6PP6z
Cache-Control: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 21493
Expires: Mon, 31 Jul 2023 01:30:10 GMT

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ 2 KB
3 KB 255ms
254ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:08 GMT
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.26
x-amz-version-id: null
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2316
Expires: Sun, 31 Jul 2022 02:30:08 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 271ms
271ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InRoLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Ind3dy5tYXRpY2hvbndlZWtseS5jb20iLCJ1cmwiOiJodHRwczovL3d3dy5tYXRpY2hvbndlZWtseS5jb20vaG90LW5ld3MvYXJ0aWNsZV81NjMzMzgiLCJ1aWQiOiJkOTA0MjAwMWJlYWMwZDcyNDE2MTY1OTIzMTAwNjQwMyIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImUyZWMzYjU0LTk0ZTctNDc5OC04N2Y5LWM4MzM5ZjhjNTQ2MCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5tYXRpY2hvbndlZWtseS5jb20vaG90LW5ld3MvYXJ0aWNsZV81NjMzMzgiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuMTM0IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6Ind3dy5tYXRpY2hvbndlZWtseS5jb20iLCJ0ZF9wYXRoIjoiL2hvdC1uZXdzL2FydGljbGVfNTYzMzM4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJlMmVjM2I1NC05NGU3LTQ3OTgtODdmOS1jODMzOWY4YzU0NjAiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1659231008045
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
last-modified: Fri, 10 Jan 2020 11:34:08 GMT
server: nginx/1.13.5
etag: "5e186130-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ 66 B
223 B 270ms
268ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6IjUzX2ZlZWRfd2l0aF9zel9wYyIsInRpbWVfc2hvd19zZWNvbmRzIjoyLCJyZXF1ZXN0X2FkIjoxMCwiZG1mIjoibSIsInJlc3BvbnNlX2FkIjoxMCwic21qYWQiOjAsImFwaV9ob3N0IjoidGgucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1hdGljaG9ud2Vla2x5LmNvbSIsInVybCI6Imh0dHBzOi8vd3d3Lm1hdGljaG9ud2Vla2x5LmNvbS9ob3QtbmV3cy9hcnRpY2xlXzU2MzMzOCIsImxvZ2lkIjoiYTgxMmJjZTktZmI3OS00ZDkwLTg4ZmYtMDJiNzZhZDI1N2E5IiwidWlkIjoiZDkwNDIwMDFiZWFjMGQ3MjQxNjE2NTkyMzEwMDY0MDMiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJlMmVjM2I1NC05NGU3LTQ3OTgtODdmOS1jODMzOWY4YzU0NjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi4Lia4LiBLiDguJvguK3guKgu4Lie4LiaIOC4meC4seC4geC4reC4reC4geC5geC4muC4muC5g+C4meC4geC4o+C4uOC4h+C5gOC4l+C4nuC4ryBXRkgg4LmD4LiK4LmJ4LiL4Lit4Lif4LiV4LmM4LmB4Lin4Lij4LmM4Lic4Li04LiU4LiB4LiO4Lir4Lih4Liy4LiiISIsInRkX3VybCI6Imh0dHBzOi8vd3d3Lm1hdGljaG9ud2Vla2x5LmNvbS9ob3QtbmV3cy9hcnRpY2xlXzU2MzMzOCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC4xMzQgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoid3d3Lm1hdGljaG9ud2Vla2x5LmNvbSIsInRkX3BhdGgiOiIvaG90LW5ld3MvYXJ0aWNsZV81NjMzMzgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDMuMC41MDYwIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImUyZWMzYjU0LTk0ZTctNDc5OC04N2Y5LWM4MzM5ZjhjNTQ2MCIsImNvbW1vbl9jYXRlZ29yeSI6InNvY2lhbCIsImNhdGVnb3J5Ijoi4LiC4LmI4Liy4Lin4LmA4LiU4LmI4LiZIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1659231008080
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
last-modified: Fri, 10 Jan 2020 11:34:08 GMT
server: nginx/1.13.5
etag: "5e186130-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 777ms
256ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&uid=d9042001beac0d724161659231006403&type=pc_pv&nid=pc&media=www.matichonweekly.com&r5=ca_%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&t=1659231008081&tz=th
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
last-modified: Wed, 04 Sep 2019 04:26:06 GMT
server: nginx
etag: "5d6f3cde-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 270ms
269ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidGgucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1hdGljaG9ud2Vla2x5LmNvbSIsInVybCI6Imh0dHBzOi8vd3d3Lm1hdGljaG9ud2Vla2x5LmNvbS9ob3QtbmV3cy9hcnRpY2xlXzU2MzMzOCIsImxvZ2lkIjoiYTgxMmJjZTktZmI3OS00ZDkwLTg4ZmYtMDJiNzZhZDI1N2E5IiwidWlkIjoiZDkwNDIwMDFiZWFjMGQ3MjQxNjE2NTkyMzEwMDY0MDMiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJlMmVjM2I1NC05NGU3LTQ3OTgtODdmOS1jODMzOWY4YzU0NjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi4Lia4LiBLiDguJvguK3guKgu4Lie4LiaIOC4meC4seC4geC4reC4reC4geC5geC4muC4muC5g+C4meC4geC4o+C4uOC4h+C5gOC4l+C4nuC4ryBXRkgg4LmD4LiK4LmJ4LiL4Lit4Lif4LiV4LmM4LmB4Lin4Lij4LmM4Lic4Li04LiU4LiB4LiO4Lir4Lih4Liy4LiiISIsInRkX3VybCI6Imh0dHBzOi8vd3d3Lm1hdGljaG9ud2Vla2x5LmNvbS9ob3QtbmV3cy9hcnRpY2xlXzU2MzMzOCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC4xMzQgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoid3d3Lm1hdGljaG9ud2Vla2x5LmNvbSIsInRkX3BhdGgiOiIvaG90LW5ld3MvYXJ0aWNsZV81NjMzMzgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDMuMC41MDYwIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImUyZWMzYjU0LTk0ZTctNDc5OC04N2Y5LWM4MzM5ZjhjNTQ2MCIsImNvbW1vbl9jYXRlZ29yeSI6InNvY2lhbCIsImNhdGVnb3J5Ijoi4LiC4LmI4Liy4Lin4LmA4LiU4LmI4LiZIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1659231008081
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
last-modified: Fri, 10 Jan 2020 11:34:08 GMT
server: nginx/1.13.5
etag: "5e186130-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
108 B 1005ms
249ms Image
text/plain 119.63.197.136
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJlMmVjM2I1NC05NGU3LTQ3OTgtODdmOS1jODMzOWY4YzU0NjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi4Lia4LiBLiDguJvguK3guKgu4Lie4LiaIOC4meC4seC4geC4reC4reC4geC5geC4muC4muC5g+C4meC4geC4o+C4uOC4h+C5gOC4l+C4nuC4ryBXRkgg4LmD4LiK4LmJ4LiL4Lit4Lif4LiV4LmM4LmB4Lin4Lij4LmM4Lic4Li04LiU4LiB4LiO4Lir4Lih4Liy4LiiISIsInRkX3VybCI6Imh0dHBzOi8vd3d3Lm1hdGljaG9ud2Vla2x5LmNvbS9ob3QtbmV3cy9hcnRpY2xlXzU2MzMzOCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC4xMzQgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoid3d3Lm1hdGljaG9ud2Vla2x5LmNvbSIsInRkX3BhdGgiOiIvaG90LW5ld3MvYXJ0aWNsZV81NjMzMzgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoiMzcuNTguNTcuMSIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDMuMC41MDYwIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImRpc2hfY29tbW9uX2NhdGVnb3J5Ijoic29jaWFsIiwia2V5Ijoia2V5MTY1OTIzMTAwNjQwNCIsIm5vdyI6MTY1OTIzMTAwODA4MSwiY2xpZW50X2lkIjoiZTJlYzNiNTQtOTRlNy00Nzk4LTg3ZjktYzgzMzlmOGM1NDYwIiwidXJsIjoiaHR0cHM6Ly93d3cubWF0aWNob253ZWVrbHkuY29tL2hvdC1uZXdzL2FydGljbGVfNTYzMzM4IiwidWlkIjoiZDkwNDIwMDFiZWFjMGQ3MjQxNjE2NTkyMzEwMDY0MDMiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6Ind3dy5tYXRpY2hvbndlZWtseS5jb20iLCJkaXNoX2NhdGVnb3J5Ijoi4LiC4LmI4Liy4Lin4LmA4LiU4LmI4LiZIiwiZGlzaF9kb21haW4iOiJ3d3cubWF0aWNob253ZWVrbHkuY29tIiwidl9kaXNoX2xhYmVscyI6IuC4p+C4seC4meC4reC4seC4h+C4hOC4suC4oyzguKHguLTguJbguLjguJnguLLguKLguJks4LiX4Li14LmILOC4oOC4suC4ouC5g+C4mSzguYDguIrguLfguYjguK0s4Lir4LiZ4Li24LmI4LiHLOC4reC4ouC5iOC4suC4hyzguIfguLLguJks4LiC4LmI4Liy4LinLOC4muC5ieC4suC4mSIsInZfZGlzaF90bGFiZWxzIjoi4LiB4Lij4Li44LiH4LmA4LiX4Lie4LivLOC4geC4juC4q+C4oeC4suC4oizguJnguLHguIEs4LmD4LiK4LmJLOC4nOC4tOC4lCzguK3guK3guIEs4LmB4Lia4LiaLOC4nuC4mizguJrguIEs4LmD4LiZIiwibG9naWQiOiJhODEyYmNlOS1mYjc5LTRkOTAtODhmZi0wMmI3NmFkMjU3YTkiLCJhcGlfaG9zdCI6InRoLnBvcGluLmNjIiwiZG9tYWluIjoid3d3Lm1hdGljaG9ud2Vla2x5LmNvbSIsInBvcGluX3ZlcnNpb24iOjZ9
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/plain

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 527ms
258ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&uid=&type=pc_channel_pv&nid=pc&media=www.matichonweekly.com&r5=ca_%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99|ch_53_feed_with_sz_pc&t=1659231008124&tz=th
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
last-modified: Wed, 04 Sep 2019 04:26:06 GMT
server: nginx
etag: "5d6f3cde-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 270ms
269ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6dHJ1ZSwiY2hhbm5lbF9pZCI6IjUzX2ZlZWRfd2l0aF9zel9wYyIsImV4cGVjdGVkX2FkIjoxMCwicmVuZGVyZWRfYWQiOjEwLCJhcGlfaG9zdCI6InRoLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Ind3dy5tYXRpY2hvbndlZWtseS5jb20iLCJ1cmwiOiJodHRwczovL3d3dy5tYXRpY2hvbndlZWtseS5jb20vaG90LW5ld3MvYXJ0aWNsZV81NjMzMzgiLCJsb2dpZCI6ImE4MTJiY2U5LWZiNzktNGQ5MC04OGZmLTAyYjc2YWQyNTdhOSIsInVpZCI6ImQ5MDQyMDAxYmVhYzBkNzI0MTYxNjU5MjMxMDA2NDAzIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZTJlYzNiNTQtOTRlNy00Nzk4LTg3ZjktYzgzMzlmOGM1NDYwIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuC4muC4gS4g4Lib4Lit4LioLuC4nuC4miDguJnguLHguIHguK3guK3guIHguYHguJrguJrguYPguJnguIHguKPguLjguIfguYDguJfguJ7guK8gV0ZIIOC5g+C4iuC5ieC4i+C4reC4n+C4leC5jOC5geC4p+C4o+C5jOC4nOC4tOC4lOC4geC4juC4q+C4oeC4suC4oiEiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5tYXRpY2hvbndlZWtseS5jb20vaG90LW5ld3MvYXJ0aWNsZV81NjMzMzgiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuMTM0IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6Ind3dy5tYXRpY2hvbndlZWtseS5jb20iLCJ0ZF9wYXRoIjoiL2hvdC1uZXdzL2FydGljbGVfNTYzMzM4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJlMmVjM2I1NC05NGU3LTQ3OTgtODdmOS1jODMzOWY4YzU0NjAiLCJjb21tb25fY2F0ZWdvcnkiOiJzb2NpYWwiLCJjYXRlZ29yeSI6IuC4guC5iOC4suC4p+C5gOC4lOC5iOC4mSIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1659231008124
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
last-modified: Fri, 10 Jan 2020 11:34:08 GMT
server: nginx/1.13.5
etag: "5e186130-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 461ms
260ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-th&uid=d9042001beac0d724161659231006403&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&t=1659231008124
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:08 GMT
last-modified: Wed, 04 Sep 2019 04:26:06 GMT
server: nginx
etag: "5d6f3cde-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

POST
H2 200 / Show response
aiqua-sdk.c.appier.net/aiqua/web/73ad50a3dfb780a32ec4/data/ 0
315 B 767ms
254ms XHR
application/json 18.138.163.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/73ad50a3dfb780a32ec4/data/
Requested by: Host: cdn.qgraph.io
URL: https://cdn.qgraph.io/v3/r/aiqua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.163.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-163-233.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
Package-Name: www.matichonweekly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 31 Jul 2022 01:30:09 GMT
server: Jetty(9.3.9.v20160517)
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.matichonweekly.com
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
content-length: 0

OPTIONS
H2 200 /
aiqua-sdk.c.appier.net/aiqua/web/73ad50a3dfb780a32ec4/data/ Frame 0
0 778ms
249ms Preflight
application/json 18.138.163.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/73ad50a3dfb780a32ec4/data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.163.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-163-233.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,package-name
Access-Control-Request-Method: POST
Origin: https://www.matichonweekly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.matichonweekly.com
access-control-max-age: 604800
cache-control: max-age=604800
content-length: 0
content-type: application/json
date: Sun, 31 Jul 2022 01:30:09 GMT
server: Jetty(9.3.9.v20160517)

GET
H2 200 3001652-2067283-240-180-0001.ts Show response
3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/ 76 KB
76 KB 733ms
733ms XHR
video/mp2t 2600:9000:206f:4800:13:dd95:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/3001652-2067283-240-180-0001.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:13:dd95:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a9b9d93df2fba5b57eff273ab91a6dbb7f4d4fc10305d33327eea7beb8a711a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:10 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 77644
last-modified: Tue, 07 Jun 2022 04:06:15 GMT
server: AmazonS3
etag: "82329b1029af4bccb70be45934f16418"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: video/mp2t
access-control-allow-origin: https://www.matichonweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: jWlNnDpeZVWWTIynWW-nQZeMpvWlb2AceEcXrrQi5GXjMALv-KAgzA==

GET
DATA 200
OK truncated
/ 307 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8147d95456088b4e403d7073e6c469996fc406fae907897441b69cbc657eb61d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 66ms
9ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.matichonweekly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.matichonweekly.com
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 31 Jul 2022 01:30:09 GMT
server: ATS/9.1.0.46

POST
H/1.1 204
No Content 321689 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 89ms
23ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/321689?src_sys=prebid
Requested by: Host: hdrbd.ivstracker.net
URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001653
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 31 Jul 2022 01:30:09 GMT
X-SpotX-Timing-Transform: 0.000260
X-SpotX-Timing-SpotMarket: 0.003670
X-SpotX-Timing-Page-Mux: 0.000806
X-SpotX-Timing-Page-Require: 0.000320
X-fe: 013
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000020
X-SpotX-Timing-Page: 0.007850
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000262
Last-Modified: Sun, 31 Jul 2022 01:30:09 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003670
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.matichonweekly.com
X-SpotX-Timing-Page-Misc: 0.002501
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
121 B 94ms
48ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hdrbd.ivstracker.net
URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001653
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.matichonweekly.com
date: Sun, 31 Jul 2022 01:30:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
564 B 202ms
93ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: hdrbd.ivstracker.net
URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001653
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:08 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.matichonweekly.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
199 B 38ms
21ms XHR
text/plain 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: hdrbd.ivstracker.net
URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001653
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.matichonweekly.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.matichonweekly.com
date: Sun, 31 Jul 2022 01:30:09 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
642 B 98ms
63ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=760102&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%229237a03de8be97%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.3.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210ebfe014e13b66%22%2C%22ext%22%3A%7B%22siteID%22%3A%22760102%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fx-mpegURL%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B640%2C480%5D%5D%2C%22placement%22%3A1%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ivideosmart.com%22%2C%22sid%22%3A%223001653%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: hdrbd.ivstracker.net
URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001653
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2663831a8078b0549c4fbac719d0c8e3f6f2993b46e0c1024cc9ad4edb420f2e

Request headers

Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Jul 2022 01:30:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynkOv4pr2VxMgRdB3%2FHeNVb9TPUn6DyVRQ1u4H0UAd6%2Bv7DwzIrU30Hpd1pLdILsZoMTkelU7qex5%2FiEfth5ed1hrhGkpCmb4OdfualkNW2gGIgl57ogvViYvxG7komj1ypW%2FA6e"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.matichonweekly.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7332912eddf29013-FRA
expires: 0

GET
H/1.1 200
OK videoPlayed_0pct Show response
p-events.ivideosmart.com/prod/v1/ 0
293 B 173ms
173ms XHR
application/json 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p-events.ivideosmart.com/prod/v1/videoPlayed_0pct?clientConnType=Corporate&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&containerID=ivsplayer01&cpID=3001652&cpName=Matichon%20Weekly&device=others&domainAppName=www.matichonweekly.com&engVersion=0&eventAction=videoPlayed_0pct&eventPlayhead=0.249457&eventStarted=mute&eventTime=4110&hlsBitrate=171&hlsHeight=240&isOutstream=0&pageArticleID=95489e1339036851dc71d6725e9ff22b&pageID=1659231004953-17f69d62903d8&playerFlag=AD_nAndmTimePlay&playerHeight=168&playerMajorVersion=4&playerVersion=v4.113.0&playerWidth=300&productID=adbc5a6e-2085&productName=IVSN&referrer=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&spID=3001653&spName=Matichon%20Weekly&videoDuration=30&videoID=2067283&videoPlayedDuration=0&videoRequestId=1659231004968-f2b6db0509041&videoTitle=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&videoType=ivideostream&__token__=st=1659231006~exp=1659238206~acl=/*~id=avs5jb6l9w5~hmac=dc986cf5c9024d2bec1be2e5c17b10ad58a5c43b77c7e4bb9ca64e8831ce3bcb
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.matichonweekly.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto: http
Akamai-Mon-Iucid-Del: 1190329
CDN-Origin-Protocol: HTTP
Content-Length: 0
Content-Type: application/json

GET
H/1.1 200
OK adRequest Show response
p-events.ivideosmart.com/prod/v1/ 0
293 B 173ms
173ms XHR
application/json 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p-events.ivideosmart.com/prod/v1/adRequest?adPlacement=preroll&adRequestId=1659231009264-654c735b902b6&clientConnType=Corporate&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&containerID=ivsplayer01&cpID=3001652&cpName=Matichon%20Weekly&device=others&domainAppName=www.matichonweekly.com&engVersion=0&eventAction=adRequest&eventPlayhead=0.249457&eventStarted=mute&eventTime=4311&hb=1&hbBidders=none&hbNetworks=smartadserver%2Cspotx%2Cspotx%2Cix%2Cpubmatic%2Cyahoossp&hbWinner=none&isOutstream=0&pageArticleID=95489e1339036851dc71d6725e9ff22b&pageID=1659231004953-17f69d62903d8&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.113.0&productID=adbc5a6e-2085&productName=IVSN&referrer=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&spID=3001653&spName=Matichon%20Weekly&videoDuration=30&videoID=2067283&videoPlayedDuration=0&videoRequestId=1659231004968-f2b6db0509041&videoTitle=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&videoType=ivideostream&__token__=st=1659231006~exp=1659238206~acl=/*~id=avs5jb6l9w5~hmac=dc986cf5c9024d2bec1be2e5c17b10ad58a5c43b77c7e4bb9ca64e8831ce3bcb
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.matichonweekly.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto: http
Akamai-Mon-Iucid-Del: 1190329
CDN-Origin-Protocol: HTTP
Content-Length: 0
Content-Type: application/json

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.matichonweekly.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 01:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.matichonweekly.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 01:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 getvastxml Show response
a.ivstracker.net/prod/ Frame 396F 16 KB
2 KB 783ms
267ms XHR
application/xml 54.251.149.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ivstracker.net/prod/getvastxml?device=desktop&cpid=3001652&spid=3001653&videoid=2067283&clientid=00000000-0000-0000-0000-000000000000&bucket=013&iabcategoryid=12&brand=Other&os=Windows&domain=www.matichonweekly.com&pageurl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&widgetid=adbc5a6e-2085&playlistid=4033&playertype=IVSN&playerversion=v4.113.0&vwidth=300&vheight=168&startmode=mute&sound=off&position=1&try=0&broker=yes&adpod=0&adcnt=1&adnum=1&shuffle=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.149.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-149-69.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: 74655f0e2a3f63cc36eeaba15933f77c4ed47847bfbef5599b5363a7f0a6a715

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:10 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"3eab-jTaIp1qyWh8OtW7/WocOoclTgLo"
vary: Accept-Encoding
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true

GET
H/1.1 200
OK TRcro8s0WceWn2zuX7mNP0rVF3Fghc8c.png
ivx-cdn.ivideosmart.com/images/2021/10/26/04/ 4 KB
4 KB 101ms
17ms Image
image/png 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivx-cdn.ivideosmart.com/images/2021/10/26/04/TRcro8s0WceWn2zuX7mNP0rVF3Fghc8c.png
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd0f646bd06936974602e4d708317c3fb1b80de3dffc9b15cae499ff3112dad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:09 GMT
Last-Modified: Tue, 26 Oct 2021 04:02:04 GMT
Server: AmazonS3
x-amz-request-id: EE4MATZZRYN1ZFGT
ETag: "c1d79fd34d5c124c1451e91b15e9e16e"
Connection: keep-alive
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Akamai-Mon-Iucid-Del: 1141586
Accept-Ranges: bytes
Content-Length: 3674
x-amz-id-2: 9LQv2bwvTwbSSw3TK9hjaYNyBnTDw7KGAt4g5zLZb9ChuqAJwX3+QYGnN68GYErOhavN9FBEY5c=

GET
H2 200 3001652-2067283-240-180-0002.ts Show response
3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/ 84 KB
84 KB 780ms
779ms XHR
video/mp2t 2600:9000:206f:4800:13:dd95:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/3001652-2067283-240-180-0002.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:13:dd95:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0dd61feacd4b5da46a70154a4d6c048cebefe5bcb10cdef25a8d040bb8d7fed1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:11 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 85540
last-modified: Tue, 07 Jun 2022 04:06:15 GMT
server: AmazonS3
etag: "d035cafc9e738209e3298c5ac313b31e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: video/mp2t
access-control-allow-origin: https://www.matichonweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: VALPh8WJtco4m8TIFR84NaTrycnrF5WVUo70p_I7ST1X6l8AUkvheQ==

GET
H2 200 hotspot Show response
r.ivstracker.net/prod/ 0
172 B 809ms
260ms XHR
text/html 54.251.102.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivstracker.net/prod/hotspot?&action=impression&creativeid=80367278&advertiserid=80000126&campaignid=80000158
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivshotspots/js/default-hotspots.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.102.136 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-102-136.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.matichonweekly.com
date: Sun, 31 Jul 2022 01:30:10 GMT
access-control-allow-credentials: true
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 396F 86 KB
17 KB 333ms
331ms XHR
text/xml 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F206696744%2C22713255812%2FIVS%2Fivs_video_matichonweekly&description_url=https%3A%2F%2Fwww.matichonweekly.com%2F&tfcd=0&npa=0&ad_type=audio_video&sz=300x250%7C400x300%7C640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=399825282213165&ivsadpod=0&ivsadcnt=1&ivsadnum=1&ivsadrequestid=1659231009998-231ace214b86251ab4942ecb25111378&sdkv=h.3.522.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=4278896168&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.522.0&sid=9FEB748B-85DE-48E4-B0D1-F04C814C02B3&nel=0&eid=44725355%2C44750822%2C44751890%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&dlt=1659231003264&idt=3130&dt=1659231010108&cookie=ID%3D33a536d5732f4064%3AT%3D1659231005%3AS%3DALNI_MZoTGT0c_CM5fG5o1jdwFvw8qmhPA&scor=2068034409822331&fbidx=-1&ged=ve4_td7_tt4_pd7_la7000_er982.1.1149.299_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a12e9547ed5018b7d1a41f1e6b24911a5d73fbf6ca4cb15e3671f58493727f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17255
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adsManagerLoaded Show response
p-events.ivideosmart.com/prod/v1/ 0
293 B 173ms
173ms XHR
application/json 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p-events.ivideosmart.com/prod/v1/adsManagerLoaded?adRequestId=1659231009264-654c735b902b6&clientConnType=Corporate&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&containerID=ivsplayer01&cpID=3001652&cpName=Matichon%20Weekly&device=others&domainAppName=www.matichonweekly.com&engVersion=0&eventAction=adsManagerLoaded&eventPlayhead=1.015353&eventStarted=mute&eventTime=5518&isOutstream=0&pageArticleID=95489e1339036851dc71d6725e9ff22b&pageID=1659231004953-17f69d62903d8&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.113.0&productID=adbc5a6e-2085&productName=IVSN&referrer=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&spID=3001653&spName=Matichon%20Weekly&videoDuration=30&videoID=2067283&videoPlayedDuration=0.736&videoRequestId=1659231004968-f2b6db0509041&videoTitle=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&videoType=ivideostream&__token__=st=1659231006~exp=1659238206~acl=/*~id=avs5jb6l9w5~hmac=dc986cf5c9024d2bec1be2e5c17b10ad58a5c43b77c7e4bb9ca64e8831ce3bcb
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.matichonweekly.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto: http
Akamai-Mon-Iucid-Del: 1190329
CDN-Origin-Protocol: HTTP
Content-Length: 0
Content-Type: application/json

POST
H2 204 csi
csi.gstatic.com/ Frame 396F 0
54 B 817ms
268ms Ping
image/gif 2404:6800:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l68nau95&c=7266885146716&slotId=3633442573358&qqid=CNrw15f9ofkCFchX4AodVqAPzA&gqid=ItvlYv3aB8uHgAeJvqPQBA&fb=ima_html5-lima&sdkv=h.3.522.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&ghmsh_eids=44725355%2C44750822%2C44751890%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&met.4=ghmsh_s.l68naxel~ghmsh_s.l68naxen~ghmsh_s.l68naxen&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=C2dalHnMkW_qkhWW
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:808::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 396F 453 B
478 B 14ms
13ms Image
image/png 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-9298860897894361

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:58:52 GMT
x-content-type-options: nosniff
age: 1878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Jul 2022 01:48:52 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 396F 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C63aJItvlYtrXCcivgQfWwL7gDIHzjYBrkLOr4sIQsJAfEAEgmKOQSWCV0qOCsAegAYeI3YIDyAEF4AIAqAMBmAQAqgTWAk_Q2WVqUMoJObkWgqAScXpqXKC6BsvtRDMdC8yD7oN6brZd5-nuYmFsB5BnAqDJtCL-8FdWX4T6sS0lZACcdymwJ3OLApUNsOLSvILT4heZWNhMTiYIMYD6X-EKiLzF6JbE_J-24g0fUNMpwJLQ97um1okme1JcauUAG9p8M_j3Evs29GjXVbxDsIUT3yn-sFNVgvbbSvouizTceiaNmMDN8pSKvGsWih_J5a9oT-kGHOt9xaE1LgkdN_SXuPzDN9-wkFmhLyy0lOd8JO3r77U_MmJKucOjno66TP5V1kpIuJbK8ckIgWKuE24RzLoXt22d2BV5j8RsDKw_h-fT0tSCpxrjZ1miy3G1I88aP4Lyn4Exd1JG8_s-tiaZI1EPBGQRLrikc8OXDHvcTdHx4Qw3X5m2-y46Q_GiYBpcstxtu7LXClif1Zq5qOnRWrLFLvabi8Np7cAElP-dtKME4AQBiAWOlr_iQZIFCAgDEAEYAVABoAZUgAfh96J9qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTY3OTkzNTEyNjMwNjY2MTmxCfZJCpNPGaSFgAoDyAsB0AsOuAwBsBOx_90P2BMN2BQB0BUBmBYBqBYB4hYCCAH4FgGAFwE&sigh=qfYCO16pJkw&label=show_ad&sdkv=h.3.522.0&vci=CjwIAhoLSVZTQURTRVJWRVIgAyoSSVZTX05XX0FEMDFfSVZTRU5EMhNDSVZTX05XX0FEMDFfSVZTRU5EQAAKbQgCEhBhLml2c3RyYWNrZXIubmV0GgtJVlNBRFNFUlZFUiADKiFJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkQyIkNJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkRAmgYKawgBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNTY3Njc4Nzg1OTM2Mgw2MDgyNDA4ODU5NTJA1AJSIxAPJQAASEIoAToLMzVQdUhzcDRUNzBCCWdvb2dsZWFkc1AAGAE.

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 396F 0
0 52ms
52ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C_Pl8ItvlYtrXCcivgQfWwL7gDIHzjYBrkLOr4sIQsJAfEAEgmKOQSWCV0qOCsAegAYeI3YIDyAEF4AIAqAMBmAQAqgTTAk_Q2WVqUMoJObkWgqAScXpqXKC6BsvtRDMdC8yD7oN6brZd5-nuYmFsB5BnAqDJtCL-8FdWX4T6sS0lZACcdymwJ3OLApUNsOLSvILT4heZWNhMTiYIMYD6X-EKiLzF6JbE_J-24g0fUNMpwJLQ97um1okme1JcauUAG9p8M_j3Evs29GjXVbxDsIUT3yn-sFNVgvbbSvouizTceiaNmMDN8pSKvGsWih_J5a9oT-kGHOt9xaE1LgkdN_SXuPzDN9-wkFmhLyy0lOd8JO3r77U_MmJKucOjno66TP5V1kpIuJbK8ckIgWKuE24RzLoXt22d2BV5j8RsDKw_h-fT0tSCpxrjZ1miy3G1I88aP4Lyn4Exd1JG8_tmt_SfKRuDNPa2lFu56CDouPWn9F-uZb5k2wOl5iSZSdi6p7_KyWXBB6X5ErsAf8k9OFnGdqpgoQ2GEMAElP-dtKME4AQBoAZUgAfh96J9qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDGiDKoCAHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjc5OTM1MTI2MzA2NjYxOYAKA8gLAbATsf_dD8ITBhiHiN2CA9gTDdgUAdAVAZgWAagWAeIWAggBgBcBshceChwIABIUcHViLTk0MjI1ODUzODI2NzM1NjYYoOUf&sigh=TZ66Fd80LYY&cmd=Ch1jYS12aWRlby1wdWItOTQyMjU4NTM4MjY3MzU2NhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.522.0&vci=CjwIAhoLSVZTQURTRVJWRVIgAyoSSVZTX05XX0FEMDFfSVZTRU5EMhNDSVZTX05XX0FEMDFfSVZTRU5EQAAKbQgCEhBhLml2c3RyYWNrZXIubmV0GgtJVlNBRFNFUlZFUiADKiFJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkQyIkNJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkRAmgYKawgBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNTY3Njc4Nzg1OTM2Mgw2MDgyNDA4ODU5NTJA1AJSIxAPJQAASEIoAToLMzVQdUhzcDRUNzBCCWdvb2dsZWFkc1AAGAE.
Requested by: Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 396F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK adLoaded Show response
p-events.ivideosmart.com/prod/v1/ 0
293 B 170ms
169ms XHR
application/json 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p-events.ivideosmart.com/prod/v1/adLoaded?adCnt=1&adId=567678785936&adNum=1&adPlacement=preroll&adPod=0&adRequestId=1659231009264-654c735b902b6&adSystem=AdSense&clientConnType=Corporate&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&containerID=ivsplayer01&cpID=3001652&cpName=Matichon%20Weekly&device=others&domainAppName=www.matichonweekly.com&engVersion=0&eventAction=adLoaded&eventPlayhead=1.015353&eventStarted=mute&eventTime=5548&isOutstream=0&pageArticleID=95489e1339036851dc71d6725e9ff22b&pageID=1659231004953-17f69d62903d8&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.113.0&productID=adbc5a6e-2085&productName=IVSN&referrer=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&spID=3001653&spName=Matichon%20Weekly&videoDuration=30&videoID=2067283&videoPlayedDuration=0&videoRequestId=1659231004968-f2b6db0509041&videoTitle=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&videoType=ivideostream&__token__=st=1659231006~exp=1659238206~acl=/*~id=avs5jb6l9w5~hmac=dc986cf5c9024d2bec1be2e5c17b10ad58a5c43b77c7e4bb9ca64e8831ce3bcb
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.matichonweekly.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto: http
Akamai-Mon-Iucid-Del: 1190329
CDN-Origin-Protocol: HTTP
Content-Length: 0
Content-Type: application/json

POST
H2 204 csi
csi.gstatic.com/ 0
327 B 790ms
266ms Ping
image/gif 2404:6800:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l68natcu&c=7266885146716&slotId=3633442573358&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:808::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 396F 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.522.0&e=44725355%2C44750822%2C44751890%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&id=ima_html5&c=3103575307853507&domain=www.matichonweekly.com

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

videoplayback
rr3---sn-4g5e6nsk.googlevideo.com/
Redirect Chain

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1659259810&ei=ItvlYp-cF5KJ6dsPzs63sAs&ip=37.58.57.1&id=df93ee1eca784fbd&itag=22&source=youtube&requiressl=yes&mh=es&mm=31&mn=sn-5hnedn...
https://rr3---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1659259810&ei=ItvlYp-cF5KJ6dsPzs63sAs&ip=37.58.57.1&id=df93ee1eca784fbd&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=...

5 MB
0

84ms
19ms

Media
video/mp4

2a00:1450:4001:62::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1659259810&ei=ItvlYp-cF5KJ6dsPzs63sAs&ip=37.58.57.1&id=df93ee1eca784fbd&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=50.178&lmt=1657034435387500&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAMHqCxOcK19CSI5vk6cWdIp-d6ZwIvfwchkbHNTxuafmAiEAt35GBKYUk5U72S3ZlRgydMrXrC-6StiuSva9SQwdmfk=&cpn=C2dalHnMkW_qkhWW&redirect_counter=1&rm=sn-5hnezs76&req_id=f7b743f86ecf36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=es&mip=2a00:c98:2030:a004:1::4&mm=31&mn=sn-4g5e6nsk&ms=au&mt=1659230854&mv=u&mvi=3&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPBxR_bwIWH3AKimndEX2fhNPU2dkRkK0tKKgm8wd-ltAiBhCkZJP3ptzd5NOqMmhqot3Nqcew9nxm8PYMQrBXuB4Q%3D%3D

Requested by

Host: www.matichonweekly.com
URL: https://www.matichonweekly.com/hot-news/article_563338

Protocol

HTTP/1.1

Server

2a00:1450:4001:62::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 01:30:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Jul 2022 15:20:35 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-8670843/8670844
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 8670844
Expires: Sun, 31 Jul 2022 01:30:10 GMT

Redirect headers

Date: Sun, 31 Jul 2022 01:30:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr3---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1659259810&ei=ItvlYp-cF5KJ6dsPzs63sAs&ip=37.58.57.1&id=df93ee1eca784fbd&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=50.178&lmt=1657034435387500&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAMHqCxOcK19CSI5vk6cWdIp-d6ZwIvfwchkbHNTxuafmAiEAt35GBKYUk5U72S3ZlRgydMrXrC-6StiuSva9SQwdmfk=&cpn=C2dalHnMkW_qkhWW&redirect_counter=1&rm=sn-5hnezs76&req_id=f7b743f86ecf36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=es&mip=2a00:c98:2030:a004:1::4&mm=31&mn=sn-4g5e6nsk&ms=au&mt=1659230854&mv=u&mvi=3&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPBxR_bwIWH3AKimndEX2fhNPU2dkRkK0tKKgm8wd-ltAiBhCkZJP3ptzd5NOqMmhqot3Nqcew9nxm8PYMQrBXuB4Q%3D%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Sun, 31 Jul 2022 01:30:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 34ms
34ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220727&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c2c0057e402d89a387f4a17dd3989f0aa841ab23e17969eaefa5a1043c875e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 01:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10663
x-xss-protection: 0

POST
H3 200 rum Show response
www.matichonweekly.com/cdn-cgi/ 0
171 B 32ms
21ms XHR
text/plain 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.matichonweekly.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.matichonweekly.com/hot-news/article_563338
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: application/json

Response headers

date: Sun, 31 Jul 2022 01:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.matichonweekly.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 733291391a2f9152-FRA
vary: Origin

POST
H3 200 rum Show response
www.matichonweekly.com/cdn-cgi/ 0
171 B 32ms
23ms XHR
text/plain 2606:4700:20::ac43:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.matichonweekly.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.matichonweekly.com/hot-news/article_563338
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: application/json

Response headers

date: Sun, 31 Jul 2022 01:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.matichonweekly.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 733291392a429152-FRA
vary: Origin

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 396F 42 B
64 B 38ms
38ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C63aJItvlYtrXCcivgQfWwL7gDIHzjYBrkLOr4sIQsJAfEAEgmKOQSWCV0qOCsAegAYeI3YIDyAEF4AIAqAMBmAQAqgTWAk_Q2WVqUMoJObkWgqAScXpqXKC6BsvtRDMdC8yD7oN6brZd5-nuYmFsB5BnAqDJtCL-8FdWX4T6sS0lZACcdymwJ3OLApUNsOLSvILT4heZWNhMTiYIMYD6X-EKiLzF6JbE_J-24g0fUNMpwJLQ97um1okme1JcauUAG9p8M_j3Evs29GjXVbxDsIUT3yn-sFNVgvbbSvouizTceiaNmMDN8pSKvGsWih_J5a9oT-kGHOt9xaE1LgkdN_SXuPzDN9-wkFmhLyy0lOd8JO3r77U_MmJKucOjno66TP5V1kpIuJbK8ckIgWKuE24RzLoXt22d2BV5j8RsDKw_h-fT0tSCpxrjZ1miy3G1I88aP4Lyn4Exd1JG8_s-tiaZI1EPBGQRLrikc8OXDHvcTdHx4Qw3X5m2-y46Q_GiYBpcstxtu7LXClif1Zq5qOnRWrLFLvabi8Np7cAElP-dtKME4AQBiAWOlr_iQZIFCAgDEAEYAVABoAZUgAfh96J9qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTY3OTkzNTEyNjMwNjY2MTmxCfZJCpNPGaSFgAoDyAsB0AsOuAwBsBOx_90P2BMN2BQB0BUBmBYBqBYB4hYCCAH4FgGAFwE&sigh=qfYCO16pJkw&label=video_ad_loaded&sdkv=h.3.522.0&vci=CjwIAhoLSVZTQURTRVJWRVIgAyoSSVZTX05XX0FEMDFfSVZTRU5EMhNDSVZTX05XX0FEMDFfSVZTRU5EQAAKbQgCEhBhLml2c3RyYWNrZXIubmV0GgtJVlNBRFNFUlZFUiADKiFJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkQyIkNJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkRAmgYKawgBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNTY3Njc4Nzg1OTM2Mgw2MDgyNDA4ODU5NTJA1AJSIxAPJQAAXEIoAToLMzVQdUhzcDRUNzBCCWdvb2dsZWFkc1AAGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 396F 41 KB
15 KB 80ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 10:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 26 Jul 2023 10:58:43 GMT

GET
H2 202 vast
r.ivstracker.net/prod/ Frame 396F 0
257 B 266ms
261ms Image
text/html 54.251.102.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ivstracker.net/prod/vast?action=impression&device=desktop&cpid=3001652&spid=3001653&videoid=2067283&clientid=00000000-0000-0000-0000-000000000000&bucket=013&iabcategoryid=12&brand=Other&os=Windows&domain=www.matichonweekly.com&pageurl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&widgetid=adbc5a6e-2085&playlistid=4033&playertype=IVSN&playerversion=v4.113.0&vwidth=300&vheight=168&startmode=mute&sound=off&position=1&try=0&devicetype=desktop&videoplayed0=1659231009032&hbGrp=yes&stackdepth=1&tagid=&advertiserid=&dbglog=6&cpm=invalid&dealid=invalid&bidder=invalid&instanceid=1&campaignid=&stackidx=0&savecinfo=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.102.136 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-102-136.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:10 GMT
access-control-allow-credentials: true
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 202 vast
r.ivstracker.net/prod/ Frame 396F 0
369 B 268ms
262ms Image
text/html 54.251.102.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ivstracker.net/prod/vast?action=impression&domain=www.matichonweekly.com&country=DE&spid=3001653&cpid=3001652&device=desktop&playertype=IVSN&clientid=00000000-0000-0000-0000-000000000000&adsclientid=A76-0b2018c5-9c46-4543-8d3e-d3ed9694f562&playlistid=4033&sound=off&startmode=mute&pageurl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&position=1&playerversion=v4.113.0&vwidth=300&fromhb=no&iabcategoryid=12&widgetid=adbc5a6e-2085&videoid=2067283&segmentnames=&adpod=0&adcnt=1&adnum=1&ivsdebug=&stackdepth=2&adrequestid=1659231009998-231ace214b86251ab4942ecb25111378&tagid=4978&advertiserid=98&campaignid=889&stackidx=0&savecinfo=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.102.136 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-102-136.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:10 GMT
access-control-allow-credentials: true
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 396F 0
0 76ms
71ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C_Pl8ItvlYtrXCcivgQfWwL7gDIHzjYBrkLOr4sIQsJAfEAEgmKOQSWCV0qOCsAegAYeI3YIDyAEF4AIAqAMBmAQAqgTTAk_Q2WVqUMoJObkWgqAScXpqXKC6BsvtRDMdC8yD7oN6brZd5-nuYmFsB5BnAqDJtCL-8FdWX4T6sS0lZACcdymwJ3OLApUNsOLSvILT4heZWNhMTiYIMYD6X-EKiLzF6JbE_J-24g0fUNMpwJLQ97um1okme1JcauUAG9p8M_j3Evs29GjXVbxDsIUT3yn-sFNVgvbbSvouizTceiaNmMDN8pSKvGsWih_J5a9oT-kGHOt9xaE1LgkdN_SXuPzDN9-wkFmhLyy0lOd8JO3r77U_MmJKucOjno66TP5V1kpIuJbK8ckIgWKuE24RzLoXt22d2BV5j8RsDKw_h-fT0tSCpxrjZ1miy3G1I88aP4Lyn4Exd1JG8_tmt_SfKRuDNPa2lFu56CDouPWn9F-uZb5k2wOl5iSZSdi6p7_KyWXBB6X5ErsAf8k9OFnGdqpgoQ2GEMAElP-dtKME4AQBoAZUgAfh96J9qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDGiDKoCAHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjc5OTM1MTI2MzA2NjYxOYAKA8gLAbATsf_dD8ITBhiHiN2CA9gTDdgUAdAVAZgWAagWAeIWAggBgBcBshceChwIABIUcHViLTk0MjI1ODUzODI2NzM1NjYYoOUf&sigh=TZ66Fd80LYY&cmd=Ch1jYS12aWRlby1wdWItOTQyMjU4NTM4MjY3MzU2NhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.522.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 B20932857.250678774;dc_trk_aid=446802029;dc_trk_cid=118457793;dc_dbm_token=AD1EzRQAAAA5CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjpa_4kGoAoSqmQGwAoqd3eADQDsQ5LIXwCVOdcjFY0dOlFHpoi4STQ==;ord=41000...
ad.doubleclick.net/ddm/trackimp/N50801.279382BIDMANAGER_DFASITE_/ Frame 396F 42 B
533 B 130ms
45ms Image
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N50801.279382BIDMANAGER_DFASITE_/B20932857.250678774;dc_trk_aid=446802029;dc_trk_cid=118457793;dc_dbm_token=AD1EzRQAAAA5CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjpa_4kGoAoSqmQGwAoqd3eADQDsQ5LIXwCVOdcjFY0dOlFHpoi4STQ==;ord=4100065554;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=9037044966105795194;dc_av=520;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMI2vDXl_2h-QIVyFfgCh1WoA_MEAEYASAAEgKB7_D_BwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 396F 42 B
64 B 46ms
42ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cyw1_ItvlYtrXCcivgQfWwL7gDIHzjYBrkLOr4sIQsJAfEAEgmKOQSWCV0qOCsAegAYeI3YIDyAEF4AIAqAMBmAQAqgTTAk_Q2WVqUMoJObkWgqAScXpqXKC6BsvtRDMdC8yD7oN6brZd5-nuYmFsB5BnAqDJtCL-8FdWX4T6sS0lZACcdymwJ3OLApUNsOLSvILT4heZWNhMTiYIMYD6X-EKiLzF6JbE_J-24g0fUNMpwJLQ97um1okme1JcauUAG9p8M_j3Evs29GjXVbxDsIUT3yn-sFNVgvbbSvouizTceiaNmMDN8pSKvGsWih_J5a9oT-kGHOt9xaE1LgkdN_SXuPzDN9-wkFmhLyy0lOd8JO3r77U_MmJKucOjno66TP5V1kpIuJbK8ckIgWKuE24RzLoXt22d2BV5j8RsDKw_h-fT0tSCpxrjZ1miy3G1I88aP4Lyn4Exd1JG8_tmt_SfKRuDNPa2lFu56CDouPWn9F-uZb5k2wOl5iSZSdi6p7_KyWXBB6X5ErsAf8k9OFnGdqpgoQ2GEMAElP-dtKME4AQBiAWOlr_iQaAGVIAH4feifagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi02Nzk5MzUxMjYzMDY2NjE5gAoDyAsBsBOx_90P2BMN2BQB0BUBmBYBqBYB4hYCCAH4FgGAFwE&sigh=JFitUbO05Pk&cmd=Ch1jYS12aWRlby1wdWItOTQyMjU4NTM4MjY3MzU2NhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D50131%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231010753%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1659231010489&sdkv=h.3.522.0&vci=CjwIAhoLSVZTQURTRVJWRVIgAyoSSVZTX05XX0FEMDFfSVZTRU5EMhNDSVZTX05XX0FEMDFfSVZTRU5EQAAKbQgCEhBhLml2c3RyYWNrZXIubmV0GgtJVlNBRFNFUlZFUiADKiFJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkQyIkNJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkRAmgYKbggBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNTY3Njc4Nzg1OTM2Mgw2MDgyNDA4ODU5NTJA1AJSJhAPJQAAXEIoAToLMzVQdUhzcDRUNzBCCWdvb2dsZWFkc0iDAlAAGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 396F 42 B
64 B 101ms
97ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoR3FnUfOQkgu579I0FKoDIbqfobFetJSnE7GArW85T68yG57vMy92kgqFWt3kRX9FypGy3PxrYLMcUHB00tvdXhmn79CXH0FAt4xHkV1p1l16mAnF3cxYOrIptZkMa0gESvp_Nm06tiY63M17zVTwlc_8czvqhJEjEb_I6Ng&sai=AMfl-YSx_I6akL_-hJpDfy14njsKTXleN20iqIGG6_LQHiNwdjOsIyCWlhe7pcGSDRVvedecL_R6XOHYI7ZRk8BEKXcAyjf7VU0-QUniwy2u1cq7Z7t6K1Clk_Ddjv4&sig=Cg0ArKJSzDb4-bQYvl_MEAE&cid=CAASF-RoT9Mbq_rcLfdwaFR-tOye35E4sGZQ&id=lidarv&acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D50131%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231010755%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1659231010489&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame 396F 42 B
64 B 39ms
35ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=9037044966105795194&acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D50131%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231010755%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1659231010489?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=9037044966105795194;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 396F 42 B
107 B 138ms
58ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=9037044966105795194;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D50131%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231010755%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1659231010489?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 396F 42 B
64 B 46ms
42ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cyw1_ItvlYtrXCcivgQfWwL7gDIHzjYBrkLOr4sIQsJAfEAEgmKOQSWCV0qOCsAegAYeI3YIDyAEF4AIAqAMBmAQAqgTTAk_Q2WVqUMoJObkWgqAScXpqXKC6BsvtRDMdC8yD7oN6brZd5-nuYmFsB5BnAqDJtCL-8FdWX4T6sS0lZACcdymwJ3OLApUNsOLSvILT4heZWNhMTiYIMYD6X-EKiLzF6JbE_J-24g0fUNMpwJLQ97um1okme1JcauUAG9p8M_j3Evs29GjXVbxDsIUT3yn-sFNVgvbbSvouizTceiaNmMDN8pSKvGsWih_J5a9oT-kGHOt9xaE1LgkdN_SXuPzDN9-wkFmhLyy0lOd8JO3r77U_MmJKucOjno66TP5V1kpIuJbK8ckIgWKuE24RzLoXt22d2BV5j8RsDKw_h-fT0tSCpxrjZ1miy3G1I88aP4Lyn4Exd1JG8_tmt_SfKRuDNPa2lFu56CDouPWn9F-uZb5k2wOl5iSZSdi6p7_KyWXBB6X5ErsAf8k9OFnGdqpgoQ2GEMAElP-dtKME4AQBiAWOlr_iQaAGVIAH4feifagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi02Nzk5MzUxMjYzMDY2NjE5gAoDyAsBsBOx_90P2BMN2BQB0BUBmBYBqBYB4hYCCAH4FgGAFwE&sigh=JFitUbO05Pk&cmd=Ch1jYS12aWRlby1wdWItOTQyMjU4NTM4MjY3MzU2NhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D50131%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231010756%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1659231010489&sdkv=h.3.522.0&vci=CjwIAhoLSVZTQURTRVJWRVIgAyoSSVZTX05XX0FEMDFfSVZTRU5EMhNDSVZTX05XX0FEMDFfSVZTRU5EQAAKbQgCEhBhLml2c3RyYWNrZXIubmV0GgtJVlNBRFNFUlZFUiADKiFJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkQyIkNJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkRAmgYKbggBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNTY3Njc4Nzg1OTM2Mgw2MDgyNDA4ODU5NTJA1AJSJhAPJQAAXEIoAToLMzVQdUhzcDRUNzBCCWdvb2dsZWFkc0iDAlAAGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=9037044966105795194;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 396F 42 B
494 B 137ms
58ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=9037044966105795194;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D50131%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231010756%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1659231010489?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 202 vast
r.ivstracker.net/prod/ Frame 396F 0
369 B 265ms
261ms Image
text/html 54.251.102.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ivstracker.net/prod/vast?action=start&domain=www.matichonweekly.com&country=DE&spid=3001653&cpid=3001652&device=desktop&playertype=IVSN&clientid=00000000-0000-0000-0000-000000000000&adsclientid=A76-0b2018c5-9c46-4543-8d3e-d3ed9694f562&playlistid=4033&sound=off&startmode=mute&pageurl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&position=1&playerversion=v4.113.0&vwidth=300&fromhb=no&iabcategoryid=12&widgetid=adbc5a6e-2085&videoid=2067283&segmentnames=&adpod=0&adcnt=1&adnum=1&ivsdebug=&stackdepth=2&adrequestid=1659231009998-231ace214b86251ab4942ecb25111378&tagid=4978&advertiserid=98&campaignid=889&stackidx=0&savecinfo=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.102.136 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-102-136.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:10 GMT
access-control-allow-credentials: true
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 202 vast
r.ivstracker.net/prod/ Frame 396F 0
257 B 265ms
261ms Image
text/html 54.251.102.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ivstracker.net/prod/vast?action=start&device=desktop&cpid=3001652&spid=3001653&videoid=2067283&clientid=00000000-0000-0000-0000-000000000000&bucket=013&iabcategoryid=12&brand=Other&os=Windows&domain=www.matichonweekly.com&pageurl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&widgetid=adbc5a6e-2085&playlistid=4033&playertype=IVSN&playerversion=v4.113.0&vwidth=300&vheight=168&startmode=mute&sound=off&position=1&try=0&devicetype=desktop&videoplayed0=1659231009032&hbGrp=yes&stackdepth=1&tagid=&advertiserid=&dbglog=6&cpm=invalid&dealid=invalid&bidder=invalid&instanceid=1&campaignid=&stackidx=0&savecinfo=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.102.136 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-102-136.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:10 GMT
access-control-allow-credentials: true
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 396F 0
20 B 91ms
87ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.522.0&e=44725355%2C44750822%2C44751890%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&id=ima_html5&c=3103575307853507&domain=www.matichonweekly.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 396F 42 B
64 B 46ms
43ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cyw1_ItvlYtrXCcivgQfWwL7gDIHzjYBrkLOr4sIQsJAfEAEgmKOQSWCV0qOCsAegAYeI3YIDyAEF4AIAqAMBmAQAqgTTAk_Q2WVqUMoJObkWgqAScXpqXKC6BsvtRDMdC8yD7oN6brZd5-nuYmFsB5BnAqDJtCL-8FdWX4T6sS0lZACcdymwJ3OLApUNsOLSvILT4heZWNhMTiYIMYD6X-EKiLzF6JbE_J-24g0fUNMpwJLQ97um1okme1JcauUAG9p8M_j3Evs29GjXVbxDsIUT3yn-sFNVgvbbSvouizTceiaNmMDN8pSKvGsWih_J5a9oT-kGHOt9xaE1LgkdN_SXuPzDN9-wkFmhLyy0lOd8JO3r77U_MmJKucOjno66TP5V1kpIuJbK8ckIgWKuE24RzLoXt22d2BV5j8RsDKw_h-fT0tSCpxrjZ1miy3G1I88aP4Lyn4Exd1JG8_tmt_SfKRuDNPa2lFu56CDouPWn9F-uZb5k2wOl5iSZSdi6p7_KyWXBB6X5ErsAf8k9OFnGdqpgoQ2GEMAElP-dtKME4AQBiAWOlr_iQaAGVIAH4feifagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi02Nzk5MzUxMjYzMDY2NjE5gAoDyAsBsBOx_90P2BMN2BQB0BUBmBYBqBYB4hYCCAH4FgGAFwE&sigh=JFitUbO05Pk&cmd=Ch1jYS12aWRlby1wdWItOTQyMjU4NTM4MjY3MzU2NhAAGAI&label=admute&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D12,0,0,0,0%26mtos%3D12,12,12,12,12%26amtos%3D0,0,0,0,0%26mcvt%3D12%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D12%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D12%26pst%3D-1%26dur%3D50131%26vmtime%3D-1%26dvs%3D12%26dfvs%3D12%26dvpt%3D12%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231010759%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,12&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1659231010489&sdkv=h.3.522.0&vci=CjwIAhoLSVZTQURTRVJWRVIgAyoSSVZTX05XX0FEMDFfSVZTRU5EMhNDSVZTX05XX0FEMDFfSVZTRU5EQAAKbQgCEhBhLml2c3RyYWNrZXIubmV0GgtJVlNBRFNFUlZFUiADKiFJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkQyIkNJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkRAmgYKbggBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNTY3Njc4Nzg1OTM2Mgw2MDgyNDA4ODU5NTJA1AJSJhAPJQAAXEIoAToLMzVQdUhzcDRUNzBCCWdvb2dsZWFkc0iDAlAAGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=9037044966105795194;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D12,0,0,0,0%26mtos%3D12,12,12,12,12%26amtos%3D...
ade.googlesyndication.com/ddm/activity_ext/ Frame 396F 42 B
107 B 136ms
58ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=9037044966105795194;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D12,0,0,0,0%26mtos%3D12,12,12,12,12%26amtos%3D0,0,0,0,0%26mcvt%3D12%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D12%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D12%26pst%3D-1%26dur%3D50131%26vmtime%3D-1%26dvs%3D12%26dfvs%3D12%26dvpt%3D12%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231010759%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,12;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1659231010489?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 82ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 01:30:10 GMT

GET
H/1.1 200
OK videoPlayPaused Show response
p-events.ivideosmart.com/prod/v1/ 0
293 B 177ms
177ms XHR
application/json 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p-events.ivideosmart.com/prod/v1/videoPlayPaused?clientConnType=Corporate&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&containerID=ivsplayer01&cpID=3001652&cpName=Matichon%20Weekly&device=others&domainAppName=www.matichonweekly.com&engVersion=0&eventAction=videoPlayPaused&eventPlayhead=1.015353&eventStarted=mute&eventTime=5817&isOutstream=0&pageArticleID=95489e1339036851dc71d6725e9ff22b&pageID=1659231004953-17f69d62903d8&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.113.0&productID=adbc5a6e-2085&productName=IVSN&referrer=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&spID=3001653&spName=Matichon%20Weekly&videoDuration=30&videoID=2067283&videoPlayedDuration=0&videoRequestId=1659231004968-f2b6db0509041&videoTitle=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&videoType=ivideostream&__token__=st=1659231006~exp=1659238206~acl=/*~id=avs5jb6l9w5~hmac=dc986cf5c9024d2bec1be2e5c17b10ad58a5c43b77c7e4bb9ca64e8831ce3bcb
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.matichonweekly.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto: http
Akamai-Mon-Iucid-Del: 1190329
CDN-Origin-Protocol: HTTP
Content-Length: 0
Content-Type: application/json

GET
H/1.1 200
OK adPlayed Show response
p-events.ivideosmart.com/prod/v1/ 0
293 B 182ms
182ms XHR
application/json 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p-events.ivideosmart.com/prod/v1/adPlayed?adCnt=1&adId=567678785936&adLinear=1&adNum=1&adPlacement=preroll&adPod=0&adRequestId=1659231009264-654c735b902b6&adSystem=AdSense&adTally=1&clientConnType=Corporate&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&containerID=ivsplayer01&cpID=3001652&cpName=Matichon%20Weekly&device=others&domainAppName=www.matichonweekly.com&engVersion=0&eventAction=adPlayed&eventPlayhead=1.015353&eventStarted=mute&eventTime=5819&isOutstream=0&pageArticleID=95489e1339036851dc71d6725e9ff22b&pageID=1659231004953-17f69d62903d8&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.113.0&productID=adbc5a6e-2085&productName=IVSN&referrer=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&spID=3001653&spName=Matichon%20Weekly&videoDuration=30&videoID=2067283&videoPlayedDuration=0&videoRequestId=1659231004968-f2b6db0509041&videoTitle=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&videoType=ivideostream&__token__=st=1659231006~exp=1659238206~acl=/*~id=avs5jb6l9w5~hmac=dc986cf5c9024d2bec1be2e5c17b10ad58a5c43b77c7e4bb9ca64e8831ce3bcb
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.matichonweekly.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto: http
Akamai-Mon-Iucid-Del: 1190329
CDN-Origin-Protocol: HTTP
Content-Length: 0
Content-Type: application/json

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 93ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931153&asId=a86ad1d1-7953-3872-cff6-b97b5c6df4e1&tv=%7Bc:jU7BqI,time:4319,type:e,im:%7Bpci:%7Btdr:3345%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:4319,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:904,wc:0.0.1600.1200,ac:0.0.1600.7586,am:a,cc:0.0.1600.7586,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3445~0%5D,as:%5B793~1600.5850,1002~1600.7352,1650~1600.7586%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:92,fm:td7Kd5b+1*.931153%7C11%7C12%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 01:30:10 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 15D3 23 KB
9 KB 28ms
27ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 348911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 00:34:59 GMT
expires: Thu, 27 Jul 2023 00:34:59 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 34F4 13 KB
5 KB 26ms
25ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Jul 2022 19:12:03 GMT
expires: Sun, 30 Jul 2023 19:12:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C172 783 B
536 B 33ms
33ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

82ffa92718627d527751da0dd9d6744038618f2cd00f3e8e0ea14867ede8e9ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3E9o4keJEXQxhYg9UMUtqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.matichonweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-3E9o4keJEXQxhYg9UMUtqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 01:30:10 GMT
expires: Sun, 31 Jul 2022 01:30:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 15D3 36 KB
14 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:23:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jul 2023 20:23:55 GMT

GET
H3 200 4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js Show response
pagead2.googlesyndication.com/bg/ Frame 34F4 36 KB
14 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 21:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13903
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 21:07:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C172 0
0 68ms
67ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220727&jk=2341100944955711&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 3001652-2067283-240-180-0003.ts Show response
3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/ 73 KB
74 KB 753ms
753ms XHR
video/mp2t 2600:9000:206f:4800:13:dd95:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/3001652-2067283-240-180-0003.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:13:dd95:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc4e1dc7d53e2c420f2c5a533b24817327da6b172c15d2e30f796711207d0104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:12 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 75200
last-modified: Tue, 07 Jun 2022 04:06:15 GMT
server: AmazonS3
etag: "b3ddfeac1478790fc6b783a5a1cdf1ad"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: video/mp2t
access-control-allow-origin: https://www.matichonweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: VMQI4T59CmDjiZDJExNy0PqkVN9xTJs5Y01pcMyD3YSjO_eXYB-f3g==

GET
H2 204 playback
s.youtube.com/api/stats/ Frame 396F 0
0 72ms
19ms Image
text/html 2a00:1450:400c:c0a::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44725355%2C44750822%2C44751890%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&el=adunit&cpn=C2dalHnMkW_qkhWW&docid=35PuHsp4T70&visitordata=CgtSTy1JNGJZZHZlNA%253D%253D&ver=2&cmt=0.199&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.matichonweekly.com%2F&len=50.132&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=103.0.5060.134&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::8a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15D3 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.522.0&bgai=BrS1sItvlYtrXCcivgQfWwL7gDAAAAAA4AboFEwj989WX_aH5AhXLA-AKHQnfCEo&bg=!m5ilmNzNAAacadVKvGk7ACkAdvg8WpKRNhmlRqtycc41MLV8y9wu78bohBRdhzIPbqW9xMfaVS4sIwIAAABzUgAAAAJoAQcKARZCjuLPa9aoNAvt05ZEdyUucKrT3XjHjcFcuslMuFmcJKksfgnytsv7_jEJWJ7J3EpEUtBe8nNGhWOX-_Wy5x8afztb2ZwQJa4XCk_aWQ3BMZhzt0mVf69e6r2v26nLB0gbWIQhcPToTZ285MIE-g_NjlkJePZ5C6-4ucS7Pj0ErVDMdGz973r20Wshdre1ZQX3muVOvhvw8OOhqBhG3ZcQ4R2uoaB-WIKK3aofs2EPgmvWM8bgWp54icRyErltsyBYK7ceKbJr9bdkQCJ0XLJEB2wA16uSAugCCKUw83_cFGwUkdAxd7q614FWFFf4PXj2ZstgKXeuDHqnMQprKaW56TtaEbX0syaaDsIx8LjiEPvsPElEI5kCTXdabt4c0GuO-VJ3x2lQHTvbKZ9Z7iTha7vryGtE69UQ_D8AvAkZxUu56k5u2lfp1-5g1sn1cFcD5eNmyW9ZJGrrb5QYzLkw0P-nyP2x4OczfZUWZV2bf0KoZKoSV1SAxMZqEjrlvZ26QjYuVtcgfmabGsvCvj3GUqOH_OqsZw-oLg9hqJCtKN4g5nEsV4fXIM5RwuKlS4-KWBmFFWKgtiQN12NvOs090tUkXpISqO09XL937mwsOjRG1w1XQhn5PfjZBEX9oDuVYHIF3VP4TzBexYdTMGZbSQjkGxgXCigz8aNnqg5_CKhmgb9YCHTsPLp65t9S5dzoIhUYJXAg-0fDjjxpxVBvJUbQL7YQ-tWXbaFVcTijcTlXw5n7RnsHlPQr5-wKqSy54xFEu3_ISWQEO0BquUSpYzbAVPVOFqPxeE9SbYsQvPKRPpIoqXmQ-_gb9nWNe9ZUeGO2g5tz8b4i1LP3U-tMMjDl_rsC_04PCgV9Xu2DlSpDDcpPG3nD8n2iMsToGCc8eYmkOqzIHAjizJtFTmHWwd-_ZR63qDCvRfx0OJ13X7xvEkAT2w7SPic_bPM5Q180Hd-SAxVqKrfmwl1QIUI6O0Pcs_5L5bAHPPAejyX8jbhuUZRARabN6jhcaZDzM7t1mG20rhCC7OzrUyInoKpfaX7UatVD3Q2Hl0QHAdYt5SfUkZ1BPENewUU5GHxgxzG9zkB4S60ckbF2H5ynxrwwYaHAXEUpDAhGcw6O_6IfTBOliWGozXcC1wm2-aVOtegadD7odl4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 34F4 0
9 B 13ms
12ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QDQnTQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame CCD0 35 B
503 B 29ms
28ms Ping
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=6190494811640102372@@53578336,2440756737014485258,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|DHnQe8rv6Z1X7EYoWZQhUa1_9a3UeOxu5FftSPALzMpz4vkbpVaj6RhpnBRkvb3lA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:11 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1D8B 35 B
503 B 29ms
28ms Ping
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5514431867155879621@@54736914,190916884924567640,100|4900|0|0|0|0|0|0|0||191|1|||||1|0|0|Zx-7hHJ1MvNX7EYoWZQhUbPeTr-2FSpSWXHi9_ClflFAyVEzoo3CNRhpnBRkvb3lA7z_uuw_WOM1|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:11 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 / Show response
aiqua-sdk.c.appier.net/aiqua/web/73ad50a3dfb780a32ec4/data/ 0
314 B 254ms
253ms XHR
application/json 18.138.163.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/73ad50a3dfb780a32ec4/data/
Requested by: Host: cdn.qgraph.io
URL: https://cdn.qgraph.io/v3/r/aiqua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.163.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-163-233.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
Package-Name: www.matichonweekly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 31 Jul 2022 01:30:11 GMT
server: Jetty(9.3.9.v20160517)
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.matichonweekly.com
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
content-length: 0

OPTIONS
H2 200 /
aiqua-sdk.c.appier.net/aiqua/web/73ad50a3dfb780a32ec4/data/ Frame 0
0 249ms
248ms Preflight
application/json 18.138.163.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/73ad50a3dfb780a32ec4/data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.163.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-163-233.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,package-name
Access-Control-Request-Method: POST
Origin: https://www.matichonweekly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.matichonweekly.com
access-control-max-age: 604800
cache-control: max-age=604800
content-length: 0
content-type: application/json
date: Sun, 31 Jul 2022 01:30:11 GMT
server: Jetty(9.3.9.v20160517)

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
65ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220727&jk=2341100944955711&bg=!Y2ClYCTNAAacadVKvGk7ACkAdvg8WmlFi_uwGpVzkkpRRRp-bWFZgQg99vsaWvbeb57Yqq6IJlJXSQIAAABkUgAAAAloAQcKACoZhZFhmZqAqxzzjQufXMDT5JyOqllsjX6Nf542BEX1rGIQYEf0iHRARPOZAp117rmQaAOFF75msaBgC8WFINCPjm1-_re2YtIie12Z82Eh7TH2_j-t5bdbrcTgjOwLV0YUpEVJVsBjY_0dbmhLKC9UHUeCT7LxYCniWBeifHoPMH36RJq62VIL5_RF4eA2JWcWWy61UDOGWWt_QbWg8BlUDanA2ymrYqOQVbx2FIIY8PF_WROQR42VxiRpSt2uXzEI4D-6qgTnGmbNB0mPvyihCuohxwFhm-sRfNzpexZS_9FGSrAfKlDs08WN1g74sWJcUSGSPSvlfZAHKQiqb2wdm8B6s965eKMp6gb44Q8KVfoWTN6vZ8dvOPKzdUAtADI-EQj6JVyk7oa3D3vj1TpxxD1wSM4P80tf__VMOob7bpbuHqPdOiB3EVR5xFufsAvhMRhIZiPcn0J4ORfspmc9qVz6DsO33GLx9wM3S5hcxiGySfnlnOhQF663X406tLk4FaTT-cWlPiiCM4R8lpY8k8gI94hIqaCI_Hoah2GYnCuLgxxlkmnu3QvKJnFhJDyTOR0SaHIGoNCnL97rGZpE8M_yzG1tQ08tBIgjRimNzUzj9dwHAZQ4eH3ImB9VVR0VeuQ8CWoQszePCYQx4plwyjRZCUS8Q8gcO8jVEuWfD6vN8ltQIJGZRbzkJVC7mIvqRWkcnTaMD2AfrJD_PWokD-Wv0tcAmGJo1l8kLYVqff6ckVVgOs0iYApZxOJujetMvmETijnNI9azGClg89wwmHvfuELrkcOAsCu64Wsu3umV1Lw7O1RKDjQJHlsSrKbfliZpz_t1sTwBKeiNVaTPY5Luf0C6JbrZGkWcvBki0YiPs7lf9O5n_G_JLEZWb4uPTbJF_CYU3s0o8Ykq7FgeCuEOIlI4kVKSEHI_iTIieUachFU3t1ewIdg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 569ms
267ms Ping
image/gif 2404:6800:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~l68naxfs&c=7266885146716&slotId=3633442573358&met.4=hvd_lc.l68naxfs~hvd_ad.l68naxfs~hvd_mad.l68naxfs~hvd_admu.l68naxfs~hvd_src.l68naxfs&ps=298x167
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:808::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3001652-2067283-240-180-0004.ts Show response
3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/ 80 KB
81 KB 751ms
751ms XHR
video/mp2t 2600:9000:206f:4800:13:dd95:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/3001652-2067283-240-180-0004.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:13:dd95:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebe155ab5706a90a4ba62bdfbcc044a57dbf04b6389f6de9044779fb7968c436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:13 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 82156
last-modified: Tue, 07 Jun 2022 04:06:15 GMT
server: AmazonS3
etag: "c70737531568cc3ea3fc865af5618e22"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: video/mp2t
access-control-allow-origin: https://www.matichonweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: yO3HTBzdj4MSLvNm39Dn_NbenDYK549rTLN7-FvPx6aL6v2G7hxZUw==

GET
H/1.1 200
OK checksum Show response
api.dable.io/items/services/matichonweekly.com/id/563338/ 97 B
411 B 297ms
297ms Script
text/javascript 13.209.232.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/matichonweekly.com/id/563338/checksum?callback=dbljson3

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.209.232.2 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-209-232-2.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

f73dba8fc6450d27bb6254d9b89aac743a6891a30b31a0cebada2473303b0388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
etag: W/"61-MwPBPqnF18O/1hBHI1khmklNUsY"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 8
Connection: keep-alive
Content-Length: 110

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 61ms
14ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159892
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:10 GMT
content-length: 0

GET
H/1.1 200
OK update Show response
api.dable.io/items/services/matichonweekly.com/id/563338/ 65 B
337 B 307ms
306ms Script
text/javascript 13.209.232.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/matichonweekly.com/id/563338/update?title=%E0%B8%9A%E0%B8%81.%20%E0%B8%9B%E0%B8%AD%E0%B8%A8.%E0%B8%9E%E0%B8%9A%20%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B9%81%E0%B8%9A%E0%B8%9A%E0%B9%83%E0%B8%99%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%AF%20WFH%20%E0%B9%83%E0%B8%8A%E0%B9%89%E0%B8%8B%E0%B8%AD%E0%B8%9F%E0%B8%95%E0%B9%8C%E0%B9%81%E0%B8%A7%E0%B8%A3%E0%B9%8C%E0%B8%9C%E0%B8%B4%E0%B8%94%E0%B8%81%E0%B8%8E%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2!&image_url=https%3A%2F%2Fwww.matichonweekly.com%2Fwp-content%2Fuploads%2F2022%2F06%2F286130853_706081487118454_6239794186772126587_n.jpg&price=&author=https%3A%2F%2Fwww.facebook.com%2Fmatichonweekly&currency=&sale_price=&sale_currency=&category1=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99&category2=&category3=&custom1=&custom2=&custom3=&custom4=&custom5=&published_time=2022-06-07T08%3A29%3A53%2B00%3A00&url=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&description=%E0%B8%9A%E0%B8%81.%E0%B8%9B%E0%B8%AD%E0%B8%A8.%20%E0%B8%A3%E0%B8%B2%E0%B8%A2%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B8%9E%E0%B8%9A%E0%B8%81%E0%B8%A3%E0%B8%93%E0%B8%B5%E0%B8%9E%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%A0%E0%B8%B2%E0%B8%A2%E0%B9%83%E0%B8%99%E0%B8%AD%E0%B8%87%E0%B8%84%E0%B9%8C%E0%B8%81%E0%B8%A3%E0%B8%AD%E0%B8%A2%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2%E0%B8%AB%E0%B8%99%E0%B8%B6%E0%B9%88%E0%B8%87%E0%B9%81%E0%B8%AB%20%5B%E2%80%A6%5D&body_length=2769&callback=dbljson4

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.209.232.2 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-209-232-2.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

2a03fb4b5919e5b637568d74b2ae96d11a22a0ccaa32ece91c1337f269677099

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 16
Connection: keep-alive
Content-Length: 78

POST
H2 200 nhwimp Show response
nhwimp.izooto.com/ 0
70 B 430ms
131ms XHR
text/plain 52.172.204.196
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nhwimp.izooto.com/nhwimp
Requested by: Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.172.204.196 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.matichonweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:12 GMT
x-powered-by: ASP.NET
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 396F 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoR3FnUfOQkgu579I0FKoDIbqfobFetJSnE7GArW85T68yG57vMy92kgqFWt3kRX9FypGy3PxrYLMcUHB00tvdXhmn79CXH0FAt4xHkV1p1l16mAnF3cxYOrIptZkMa0gESvp_Nm06tiY63M17zVTwlc_8czvqhJEjEb_I6Ng&sai=AMfl-YSx_I6akL_-hJpDfy14njsKTXleN20iqIGG6_LQHiNwdjOsIyCWlhe7pcGSDRVvedecL_R6XOHYI7ZRk8BEKXcAyjf7VU0-QUniwy2u1cq7Z7t6K1Clk_Ddjv4&sig=Cg0ArKJSzDb4-bQYvl_MEAE&cid=CAASF-RoT9Mbq_rcLfdwaFR-tOye35E4sGZQ&id=lidarv&acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D2040,0,0,0,0%26mtos%3D2040,2040,2040,2040,2040%26amtos%3D0,0,0,0,0%26mcvt%3D2040%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2040%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D421%26pst%3D421%26dur%3D50131%26vmtime%3D1957%26dtos%3D2040%26dtoss%3D1%26dvs%3D2028%26dfvs%3D2028%26dvpt%3D2028%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231012788%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2040&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1659231010489

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame 396F 42 B
64 B 23ms
20ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=9037044966105795194&acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D2040,0,0,0,0%26mtos%3D2040,2040,2040,2040,2040%26amtos%3D0,0,0,0,0%26mcvt%3D2040%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2040%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D421%26pst%3D421%26dur%3D50131%26vmtime%3D1957%26dtos%3D2040%26dtoss%3D1%26dvs%3D2028%26dfvs%3D2028%26dvpt%3D2028%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231012788%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2040&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1659231010489?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pubid=3;dc_exteid=9037044966105795194;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D2040,0,0,0,0%26mtos%3D2040,2040,2040,2040,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 396F 42 B
63 B 85ms
53ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=9037044966105795194;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26tos%3D2040,0,0,0,0%26mtos%3D2040,2040,2040,2040,2040%26amtos%3D0,0,0,0,0%26mcvt%3D2040%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2040%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D421%26pst%3D421%26dur%3D50131%26vmtime%3D1957%26dtos%3D2040%26dtoss%3D1%26dvs%3D2028%26dfvs%3D2028%26dvpt%3D2028%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231012788%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2040;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1659231010489?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 202 vast
r.ivstracker.net/prod/ Frame 396F 0
369 B 262ms
260ms Image
text/html 54.251.102.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ivstracker.net/prod/vast?action=viewable_impression&domain=www.matichonweekly.com&country=DE&spid=3001653&cpid=3001652&device=desktop&playertype=IVSN&clientid=00000000-0000-0000-0000-000000000000&adsclientid=A76-0b2018c5-9c46-4543-8d3e-d3ed9694f562&playlistid=4033&sound=off&startmode=mute&pageurl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&position=1&playerversion=v4.113.0&vwidth=300&fromhb=no&iabcategoryid=12&widgetid=adbc5a6e-2085&videoid=2067283&segmentnames=&adpod=0&adcnt=1&adnum=1&ivsdebug=&stackdepth=2&adrequestid=1659231009998-231ace214b86251ab4942ecb25111378&tagid=4978&advertiserid=98&campaignid=889&stackidx=0&savecinfo=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.102.136 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-102-136.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:12 GMT
access-control-allow-credentials: true
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 202 vast
r.ivstracker.net/prod/ Frame 396F 0
257 B 264ms
262ms Image
text/html 54.251.102.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ivstracker.net/prod/vast?action=viewable_impression&device=desktop&cpid=3001652&spid=3001653&videoid=2067283&clientid=00000000-0000-0000-0000-000000000000&bucket=013&iabcategoryid=12&brand=Other&os=Windows&domain=www.matichonweekly.com&pageurl=https%3A%2F%2Fwww.matichonweekly.com%2Fhot-news%2Farticle_563338&widgetid=adbc5a6e-2085&playlistid=4033&playertype=IVSN&playerversion=v4.113.0&vwidth=300&vheight=168&startmode=mute&sound=off&position=1&try=0&devicetype=desktop&videoplayed0=1659231009032&hbGrp=yes&stackdepth=1&tagid=&advertiserid=&dbglog=6&cpm=invalid&dealid=invalid&bidder=invalid&instanceid=1&campaignid=&stackidx=0&savecinfo=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.102.136 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-102-136.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:12 GMT
access-control-allow-credentials: true
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 3001652-2067283-240-180-0005.ts Show response
3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/ 73 KB
73 KB 724ms
723ms XHR
video/mp2t 2600:9000:206f:4800:13:dd95:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/3001652-2067283-240-180-0005.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:13:dd95:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70994b55b156febbc5a4c4ead2f014f32f8359b3aa301d8f27968356520a47d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:14 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 74448
last-modified: Tue, 07 Jun 2022 04:06:15 GMT
server: AmazonS3
etag: "a5e99d957e1978b854fd1734cb2c0fed"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: video/mp2t
access-control-allow-origin: https://www.matichonweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: Iy93MbbQS7fUY2VxikuzXQexMfuh8uxgUSPtPLERTiz9ujiSFIwoQw==

POST
H2 200 all
csm.eu.criteo.net/ Frame 753F 0
127 B 18ms
17ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 01:30:12 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 3001652-2067283-240-180-0006.ts Show response
3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/ 63 KB
64 KB 781ms
781ms XHR
video/mp2t 2600:9000:206f:4800:13:dd95:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/3001652-2067283-240-180-0006.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:13:dd95:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa9b96f05acdbc3620d753128c182f3f95d07a3ab9a9546edbf7ec69ac37ec78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:15 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 64484
last-modified: Tue, 07 Jun 2022 04:06:15 GMT
server: AmazonS3
etag: "ec98b702ecff28eda310d2839cac64b6"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: video/mp2t
access-control-allow-origin: https://www.matichonweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: 7yoxtkfYGJ4kfQISalk4-Rnrv6yHt01QsoVbes-t4dn36D8Coqwn9Q==

GET
H2 200 3001652-2067283-240-180-0007.ts Show response
3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/ 30 KB
31 KB 736ms
736ms XHR
video/mp2t 2600:9000:206f:4800:13:dd95:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3001653-matichon-weekly.cf.ivideosmart.com/3001652/2067283/3001652-2067283-240-180-0007.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:13:dd95:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f6a4d77806d57a886e331df32bd5a1b9851e55ce97adf51136b46b377ded6ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.matichonweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:30:17 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 31020
last-modified: Tue, 07 Jun 2022 04:06:15 GMT
server: AmazonS3
etag: "3245386573f26edd2c9d443f4ae7da36"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: video/mp2t
access-control-allow-origin: https://www.matichonweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: D_rC34wWXNQkKj-h5-9fCkgxWGSW6OlUWLond4R8wXjJ-8vcTeYHiw==

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 396F 42 B
64 B 29ms
27ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cyw1_ItvlYtrXCcivgQfWwL7gDIHzjYBrkLOr4sIQsJAfEAEgmKOQSWCV0qOCsAegAYeI3YIDyAEF4AIAqAMBmAQAqgTTAk_Q2WVqUMoJObkWgqAScXpqXKC6BsvtRDMdC8yD7oN6brZd5-nuYmFsB5BnAqDJtCL-8FdWX4T6sS0lZACcdymwJ3OLApUNsOLSvILT4heZWNhMTiYIMYD6X-EKiLzF6JbE_J-24g0fUNMpwJLQ97um1okme1JcauUAG9p8M_j3Evs29GjXVbxDsIUT3yn-sFNVgvbbSvouizTceiaNmMDN8pSKvGsWih_J5a9oT-kGHOt9xaE1LgkdN_SXuPzDN9-wkFmhLyy0lOd8JO3r77U_MmJKucOjno66TP5V1kpIuJbK8ckIgWKuE24RzLoXt22d2BV5j8RsDKw_h-fT0tSCpxrjZ1miy3G1I88aP4Lyn4Exd1JG8_tmt_SfKRuDNPa2lFu56CDouPWn9F-uZb5k2wOl5iSZSdi6p7_KyWXBB6X5ErsAf8k9OFnGdqpgoQ2GEMAElP-dtKME4AQBiAWOlr_iQaAGVIAH4feifagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi02Nzk5MzUxMjYzMDY2NjE5gAoDyAsBsBOx_90P2BMN2BQB0BUBmBYBqBYB4hYCCAH4FgGAFwE&sigh=JFitUbO05Pk&cmd=Ch1jYS12aWRlby1wdWItOTQyMjU4NTM4MjY3MzU2NhAAGAI&label=video_skip_shown&ad_mt=5214&acvw=sv%3D929%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D982,1,1149,299%26p0%3D982,1,1149,299%26tos%3D5260,0,0,0,0%26mtos%3D5260,5260,5260,5260,5260%26amtos%3D0,0,0,0,0%26mcvt%3D5260%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5260%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1046%26pst%3D421%26dur%3D50131%26vmtime%3D5214%26is%3D275%26i0%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5260,5260,5260,5260,5260%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D4140%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D28,0,0,0,0%26avms%3Dexc%26qi%3D540623458%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26pnmm%3D1659231005215%26ptlt%3D1659231016007%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5260%26ss0%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1659231010489&sdkv=h.3.522.0&vci=CjwIAhoLSVZTQURTRVJWRVIgAyoSSVZTX05XX0FEMDFfSVZTRU5EMhNDSVZTX05XX0FEMDFfSVZTRU5EQAAKbQgCEhBhLml2c3RyYWNrZXIubmV0GgtJVlNBRFNFUlZFUiADKiFJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkQyIkNJVlNfTldfNDk3OF9DXzg4OV9BXzk4X0xfMF9JVlNFTkRAmgYKbggBEhhwdWJhZHMuZy5kb3VibGVjbGljay5uZXQaB0FkU2Vuc2UgBCoMNTY3Njc4Nzg1OTM2Mgw2MDgyNDA4ODU5NTJA1AJSJhAPJQAAXEIoAToLMzVQdUhzcDRUNzBCCWdvb2dsZWFkc0iDAlAAGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 01:30:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

332 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.matichonweekly.com/hot-news	1969-12-31 23:59:59	Name: verify Value: test
www.matichonweekly.com/	1970-01-20 05:03:55	Name: __oagr Value: true
.izooto.com/	1970-02-04 04:53:51	Name: IZCID Value: 67246383-1550-4ebf-b19a-83af14194663
.matichonweekly.com/	1970-01-20 04:55:17	Name: _gid Value: GA1.2.232450102.1659231005
.matichonweekly.com/	1970-01-20 04:53:51	Name: _gat_UA-51245873-4 Value: 1
.matichonweekly.com/	1970-01-20 22:25:03	Name: _ga_MHT6T7VS95 Value: GS1.1.1659231005.1.0.1659231005.0
.spotxchange.com/	1970-01-20 13:39:27	Name: audience Value: 4e21685c-1070-11ed-9051-153cf9b00406
.aralego.com/	1970-01-20 13:39:27	Name: gdpr Value: 1
.aralego.com/	1970-01-20 13:39:27	Name: sspid Value: db85e1e0-5703-31cb-a20d-764c244fd9a0
.adform.net/	1970-01-20 05:38:29	Name: C Value: 1
.doubleclick.net/	1970-01-20 14:15:27	Name: IDE Value: AHWqTUmlEeWGses3SsvLkfaBmXFbfObstQt-T-VoDvnNcxNFvvqZJw9Xxd23DRATjy4
.matichonweekly.com/	1970-01-20 14:15:27	Name: __gads Value: ID=33a536d5732f4064:T=1659231005:S=ALNI_MZoTGT0c_CM5fG5o1jdwFvw8qmhPA
.adform.net/	1970-01-20 06:20:15	Name: uid Value: 5514431867155879621
.adform.net/	1970-01-20 05:03:55	Name: TPC Value: 1659231006115
.dable.io/	1970-01-20 07:17:51	Name: uid Value: 71941740.1659231006062
.dable.io/	1970-01-20 04:55:12	Name: _skp Value: 1
.dable.io/	1970-01-20 05:12:28	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 05:12:28	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 05:12:28	Name: _nh_ck_match Value: 1
www.matichonweekly.com/	1969-12-31 23:59:59	Name: _grf_vis Value: 1
.matichonweekly.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.matichonweekly.com/	1969-12-31 23:59:59	Name: _cbclose32543 Value: 1
.matichonweekly.com/	1970-01-20 13:39:27	Name: _uid32543 Value: EFD1289B.1
.matichonweekly.com/	1970-01-20 04:53:52	Name: _ctout32543 Value: 1
.www.matichonweekly.com/	1970-01-20 22:25:03	Name: dable_uid Value: 71941740.1659231006062
.matichonweekly.com/	1970-01-20 13:39:27	Name: _ss_pp_id Value: d9042001beac0d724161659231006403
.matichonweekly.com/	1970-01-20 13:39:27	Name: _qg_fts Value: 1659231006
.matichonweekly.com/	1970-01-20 13:39:27	Name: QGUserId Value: 4821264333204963
.matichonweekly.com/	1970-01-20 05:14:00	Name: _qg_cm Value: 1
.th.giraff.io/	1970-01-20 13:39:27	Name: gid Value: rBYQBWLl2x6T03QCFzHWAg==
www.matichonweekly.com/	1970-01-20 13:39:27	Name: _grf_uid Value: 417644797
www.matichonweekly.com/	1970-01-20 04:55:17	Name: _grf_cm Value: 1
.toast.com/	1970-01-30 05:17:20	Name: BID Value: ZM7M2TJM7VIF480906KT23WLA
.toast.com/	1970-01-20 05:37:03	Name: txmed_1440080439 Value: 71941740.1659231006062_:_EXP_:_1661823006
.toast.com/	1970-01-20 05:37:03	Name: txsync Value: 1659231006
.matichonweekly.com/	1970-01-20 22:25:03	Name: _ga Value: GA1.2.894751020.1659231005
.vk.com/	1970-01-20 13:34:12	Name: remixlang Value: 6
.vk.com/	1970-01-20 13:39:27	Name: remixstlid Value: 9082710328305703841_Sfzo7RFlmETax2cf3yYzrjf0rW0i91wnypJoSNVFn9L
.uuidksinc.net/	1970-01-20 13:39:27	Name: jcsuuid Value: at9CSRw6rIkZIW13dqda
.ad.daum.net/	1970-01-20 07:03:27	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220731%22%2C%22u%22%3A%2271941740.1659231006062%22%7D%7D
.ds.kakao.com/	1970-01-20 07:03:27	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220731%22%2C%22u%22%3A%2271941740.1659231006062%22%7D%7D
.popin.cc/	1970-01-20 13:39:27	Name: uid Value: d9042001beac0d724161659231006403
.yengo.com/	1970-01-20 13:39:27	Name: nid Value: F2r5X2Ll2x9NfzyfBmD2Ag==
.admixer.co.kr/	1970-01-20 22:25:35	Name: __auid Value: 0ecddc57c9f04268e0264d46e3ebc561
.admixer.co.kr/	1970-01-20 22:25:35	Name: __puid_120 Value: 71941740.1659231006062
.admixer.co.kr/	1970-01-20 22:25:35	Name: __id_utm Value: 20220731
.admixer.co.kr/	1970-01-20 22:25:35	Name: __id_inf_120 Value: 0_71941740.1659231006062
.matichonweekly.com/	1970-01-20 22:25:03	Name: _td Value: e2ec3b54-94e7-4798-87f9-c8339f8c5460
.c.appier.net/	1970-01-20 13:39:27	Name: _auid Value: 6ZajMvy0CliHWoMjINvlYg
.in.treasuredata.com/	1970-01-20 22:25:03	Name: _td_global Value: de0674e7-c364-4c71-9edb-c9de072befe3
.c.appier.net/	1970-01-23 20:29:51	Name: QGUserId Value: 4821264333204963

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.matichonweekly.com/wp-content/plugins/seed-fonts/fonts/upcxdregular/font.css?ver=5.9.3 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.matichonweekly.com/wp-content/plugins/seed-fonts/fonts/upcxibold/font.css?ver=5.9.3 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://www.matichonweekly.com/hot-news/article_563338 Message: The resource https://www.matichonweekly.com/wp-content/plugins/plugin-pdpa/js/pdpa.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3001653-matichon-weekly.cf.ivideosmart.com
3ccbf1d820fb883e754c4a0d89b398c5.safeframe.googlesyndication.com
a.ivstracker.net
a.th.giraff.io
act.ds.kakao.com
ad.doubleclick.net
ade.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
adx.dable.io
aiqua-sdk.c.appier.net
ajax.googleapis.com
analytics.ad.daum.net
api.dable.io
api.popin.cc
api.quantumgraph.com
c2shb.pubgw.yahoo.com
cat.nl.eu.criteo.com
cdn.aralego.net
cdn.izooto.com
cdn.jsdelivr.net
cdn.qgr.ph
cdn.qgraph.io
cdnjs.cloudflare.com
cm-exchange.toast.com
cm.g.doubleclick.net
cmp.optad360.io
code.th.giraff.io
code.yengo.com
connect.facebook.net
connect.ok.ru
csi.gstatic.com
csm.eu.criteo.net
d2cli4kgl5uxre.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
data.th.giraff.io
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
gocm.c.appier.net
googleads.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
hdrbd.ivstracker.net
htlb.casalemedia.com
idsync.admixer.co.kr
image8.pubmatic.com
imageaws.popin.cc
images.dable.io
imasdk.googleapis.com
in.treasuredata.com
inrecsys.popin.cc
ivx-cdn.ivideosmart.com
ivxplayer.ivideosmart.com
jscdn.appier.net
log.popin.cc
lvs2.truehits.in.th
nhwimp.izooto.com
p-events.ivideosmart.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.adsafeprotected.com
platform.twitter.com
player.ivideosmart.com
prg8.smartadserver.com
pubads.g.doubleclick.net
r-log.dable.io
r.ivstracker.net
r.popin.cc
region1.google-analytics.com
rr3---sn-4g5e6nsk.googlevideo.com
rr5---sn-5hnednss.googlevideo.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.uuidksinc.net
s.youtube.com
s0.2mdn.net
s1.adform.net
search.spotxchange.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
sp-api.dable.io
stat.matichon.co.th
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
static.dable.io
stats.g.doubleclick.net
sync.aralego.com
sync.search.spotxchange.com
syndication.twitter.com
th.popin.cc
tpc.googlesyndication.com
track.adform.net
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.matichonweekly.com
103.243.202.190
104.111.225.233
104.18.18.126
104.244.36.20
104.244.42.200
119.63.193.220
119.63.197.136
119.63.197.150
119.63.198.143
119.63.198.180
119.63.198.188
13.209.232.2
139.162.117.143
142.250.184.194
142.250.185.102
142.250.74.194
143.204.215.50
172.217.16.194
178.250.0.139
178.250.0.162
178.250.2.148
18.138.163.233
18.138.171.139
18.156.195.47
183.110.238.136
185.64.189.112
185.86.137.32
185.94.180.123
185.94.180.125
192.96.200.41
193.108.153.10
198.47.127.18
2001:4860:4802:34::36
203.150.243.253
211.249.220.158
217.20.155.208
23.106.249.95
2404:6800:4001:808::2003
2600:1901:0:7a0b::
2600:9000:206f:4800:13:dd95:c600:93a1
2600:9000:206f:9600:11:a4de:2580:93a1
2600:9000:206f:a000:15:a80b:45c0:93a1
2600:9000:206f:a800:6:b871:4f00:93a1
2600:9000:211e:3800:11:9be7:da80:93a1
2600:9000:214f:8c00:8:48e:53c0:93a1
2600:9000:214f:b800:1a:f2c5:bfc0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:4e7b
2606:4700:20::ac43:47fe
2606:4700:20::ac43:4b8a
2606:4700:440e::6812:2fe6
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:d841
27.254.32.27
2a00:1450:4001:62::8
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
2a00:1450:400c:c0a::8a
2a00:1450:400e:1b::a
2a00:1450:4014:80b::2003
2a00:1450:4014:80f::200a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a02:26f0:3500:16::215:1484
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.34.229.18
3.37.25.164
31.220.27.155
34.111.114.222
34.199.182.125
37.157.2.248
37.157.4.28
43.134.100.94
52.172.204.196
52.19.54.25
52.78.181.17
54.251.102.136
54.251.149.69
65.9.66.63
87.240.190.78
99.86.1.145
02596787bdfdd5ad9150e4ed2ac1c3e3c1d6fec89fe1378e705d3ee370faa80f
0290f0d61a6b94aca37bd874640ee172d86ec3743f3c0a611063036261074f92
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05e360f2c3667bbad4d17ff01852dd8ec11532ace3d9f9e3c3e43b62ff5705e1
060be7d3aea9e633af3b04e95481eaf4faf22fcfdaa7ceafa3099a61851ed69f
06716b096a061583b1edf34d5d429cdb328cd0ddfac171046d493b61639f6a11
070db1576416726b781f5b7d6a977518d26dc10d590bf5e95d2ff28d4a2a9738
080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709
08e53442748a876d664005ea82f14fe894211f54adab26f33e9eb4e332c68b0d
09293705618c6bed98e82622b9fae2ee50f0d1c9c5e10249e073529b98587af6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0ba2a305961f23c0df2de773fe45b59000e7c4c63ae96278fd5412c33e0cdeee
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce978a7907fdf3a7b393ff68e8c0c17703c7f2eae4772b4bdce769668118dda
0dd61feacd4b5da46a70154a4d6c048cebefe5bcb10cdef25a8d040bb8d7fed1
0ee1c948369a346f632bdea506c33184fe96c3ddc0c6b03fffa58050b50c3c46
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12796fdde0d04c84163ea0b09a577b3a84d1a0dfe85f12ec643ba1476a91f014
12d3107d37f7fc791f9f9f1577064060f60f06cc7e4870a6d81652762316c74b
1303913fe03f778d4a176109e258c31993f56a79ec1ac840d6d0d34ddc43f3fe
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1c8056fe7b5300fd52705d5fd42f12b5be946776ab517288d1bcee24559d66c4
1f51166899f96e582bc10b3361c7452d1b54eb4be542b1ae61dc3c57c567c20e
20a2be099fb65cf89afe84219ba9a65a4673114965d81313809f156860838273
218adede21e3502e8e18a8cc22ae1b170f5c4a522ec92ec08c0b67102d87394a
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
258244a42788eab80744e7ad1ee234f8fd7dcb2680189d02c93c33db9f5e2e53
2663831a8078b0549c4fbac719d0c8e3f6f2993b46e0c1024cc9ad4edb420f2e
266aa2666a61b6fe3fccee2ed348b67ee588c0c9b2a6e219f67c1f5ebd8b18b2
2a03fb4b5919e5b637568d74b2ae96d11a22a0ccaa32ece91c1337f269677099
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2a2c0de0d0803440c2508db2390752a397c6dfb8f888ed513972e18c2a1f1829
30809be8855fd7127208ae071c5da033f2a51446fdeb02ba322fdc3dd6e5629f
33489265f7d6c34780f85e6297345f70a0643efee718f0b657f1145cb67cb86b
367770ecadfdefb26a0c19a356b689ff45180e85c628c45f76878f090ac3cd15
371b8a95c0ae58615c94d11533eed39bb3a273213338c6096cbaaafa5ba3452b
378b3869ece39b08f9a6687aad1bf8a827ac2f45bdab48160e7777c024feb1da
37f71b3323ce1a46333b0bc8dbc8ca5d032e99f28c12d4adc6afc670bcce57df
37fb546f8426b457a1ad6fa0f6eef42a199837d34d79cd3c4df1162c2c19abd6
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b5fa673e9895df434c74682bf5558e84bb22b07b040dfeb10e23d9d1d26d049
3fe5d81f649921471284c6867e9eedd92925f629f3cd5a68735a6ceace449ad4
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
415920fe1cb28c3b147ab7fba8a7a24866b8f5e4b65f2df8138486f9f8c221e1
429a25d8eef1001e6b06d1317d40331da3fe5c1ed171bdc591749d8a946385e5
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
44b225ce41883f563770b5b123f708803b72d6134bdee1894af3115f60966be1
459a6a5d06fb96912a3b4c63b8f3317b315fb128f7ab042d150b5e2f61fbbbab
4850ec6cee6505f8dcbba89fe5ae7c2625b53dd4f9362541d0804ee5f0594b3c
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4b48cb37d94e20dedb73678f26f36367455b3997df408b1f6a59c91938b20b71
4c2c0057e402d89a387f4a17dd3989f0aa841ab23e17969eaefa5a1043c875e4
4cd66a56163bc8fc2d0b3aaffdad70c997e95fb8dec978e09bf0f05574688ff0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
50d33039f12b5b24478c81c7f1b1ee879d63c1cdbf5abf2651bf2c58d2f8d45a
52d51ae583fae6bca8d8831f74056c6904b522f2172125e88b38a55731cdfc06
53199b27b4586638855e2056af4053c91c1b8a817a63dfdd660625655b4d81f4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5618af731dc478d20e8a62fd09850f4592a353adb7cee7d899ca475811e06d87
599d48c6dc3d6053f15a101fdc6320d97018bc589a7bf19b4918ef5723aa4ba6
5a6b50e7af52623e36936efe55d693103c8760437feb56cb1d70ebc3bd7e8546
5d35b0a7c4239b58fce4228835ef69328907b86e5e2b2f207fdfd85967d7d16b
5d3b2814d7b7f2c2aaac48e0636bba02ae086ca9aca2b04d0d9fa7576b75f5fe
5d65a168b39aa7ed07e34ce77d62b8b06e2b684f82d4d59482005d458c363504
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6291200fb4b26ede6d46247883ef48aedf1f2a26170d947e85346ef62d758997
6466d1307e3fc1654a26472042f57686cf199dcf6315799cb2da85da99eb9ff9
64e277a8a009d28ecfa2f584646e8eea8efac99bd5dc4c9fc2eb9b07179dcf46
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66a4f6f4681744137dbb6e09072d4c35e771163213a2b1a66902ba318ded22cb
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
68373eec97343cf05d245626b50d5afad969c2384fd23eb1a7be48cfb449a39b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfdae4a96ded74a8b76984a830bba5e90a6a14a529f56ca4a2bf75021fe45fd
6da8ecfa2f77607a7d1a9ade762d6422a34f241dfdedd854dc9839933ce6ee66
70994b55b156febbc5a4c4ead2f014f32f8359b3aa301d8f27968356520a47d1
714844e6baefe74b0264c15dd042e6d47bd054144f4cfc48cebb68ac211dc959
7193880fe91c29a4e6afd3fa256ecb0fa7bdb324573c3a96e9691e8a6671e72a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
729887ed0703aa2603f43696e7512e459899961b4f0d2b7a5ed86cdbc134f662
74655f0e2a3f63cc36eeaba15933f77c4ed47847bfbef5599b5363a7f0a6a715
74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2
751c34b114333af17ad58fd47e026fc298b2ec96e64c5145a54b339374f10986
76aecb3c9ebe74d9adb2ec0d106647d92b2d0924730fe95c51790a7c622b6c52
7ac242ca01033f140f43a397a96e72c8ce6d3c241bd58353aba0dc9d0822f59d
7d0e37ab9fcf3593d37afef65574ef25dcbbcb7b80b8a1fc58c0b44a12b608c8
7f0529bcb85bf4415a28735aef7edd93bf9e4ddb0d82da5e676bb9a4337c2949
7f6a4d77806d57a886e331df32bd5a1b9851e55ce97adf51136b46b377ded6ac
7fcb57eb9682bc01ed2a77c8bffe1a5f1c5ab42a20993c4b2e9b729755e3b628
80e112f302dc9e0e4167ec6030a7be016734cbddf0fbcb5bad8476b5290ec39f
8147d95456088b4e403d7073e6c469996fc406fae907897441b69cbc657eb61d
828e2359ff39cad670818dd76a29609e0f30f217b6b59a58094328cf67d1c59f
82ffa92718627d527751da0dd9d6744038618f2cd00f3e8e0ea14867ede8e9ea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85193287223bd2dbecfa6fc801d040ce3648b1932ced4cdcda733a714ea92ad9
85d26e1312fd497b2cd26cc5c5f0b7945016a95e4d36c687c5cf9eb8dbe8a9b9
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88e905c74aa8214333eed33d4c21da22647b931cd42dd72f4aa12b91940c0abd
8a9b9d93df2fba5b57eff273ab91a6dbb7f4d4fc10305d33327eea7beb8a711a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c9ed1a1966e70ffe80b49fb84d8c6ff14b0a04a0bae5bb2f7a8b16699f0da98
8cba2108d103c0d9b11deac5697dc1e61808c753c71da6841186dd3ee0d71318
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fcc9407543aaf920136a3d1908bbee883a0528e9e889c31f4a6643bdb84e01e
91cf4bb532d484a0cb2118052070f44c1104b73332f2095ce14c70cac7dda203
9262f9c429d4fb251053f4d7d6d9f8dd871dc6b2df438ba19ca442e3f7bcfc86
93072530d1228ef896a3aebb64d86f39fb57f35c32883b07168571651f02f27c
944146ef126e70cb54d0e7e925f81b68d9a7dc885a8b4f21adc5b684884f4e5e
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9dda059e8035161599612e3148d50157203c46e1323b0233e067507007a0a04c
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a12e9547ed5018b7d1a41f1e6b24911a5d73fbf6ca4cb15e3671f58493727f39
a13ff34f1f6805135cb084e3cb1044861ca7037ddeaff9e8359bec5cf4010ef4
a1677303bcd387e2270564b14b34621e7b240f91429be28fff78695b2ef3b747
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a4f2cd1c2e40dfecb8433a6493d77517c97634b5e5b9b043865e90f6ee645c07
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a815319861beaab11efcbd20da38cd0c8e9bcc30f6640bc62b49ba4f7d3d146d
a8e4803f10ffe472af238b835964e6d6031eda6383aade8113297c7038915006
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa9b96f05acdbc3620d753128c182f3f95d07a3ab9a9546edbf7ec69ac37ec78
aad8e52435bbf0b56092d8f6e923bef6685e87f80ed10d8cd64b78c64a7373c7
af2b2ef1a591daa094704cb74bf4c4c5b29ed76fc02ff547b47b14e624a0b35d
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e74dfcaff5e1438c1c72ad3888acf062a4566b136b158a371e46784422a290
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b41160aa7e40734b42b924d6394e802b511ad2a732eaf3dcb1c8d30e4b2043f7
b41447094b55af7ccffa35209b132e812859f30bdce59e357a6021cc49f1a08c
b6d20032c4fc0c7b9ef1b30b5788dba3ec59e9175bc66a1c78dd872accb5e062
b839a7d12b81f1a32ae704bb6e911b2416e9eda8e81aa7642599c07e65299291
b95cdee26b59ba4c7ab3e4e6512d7d19db6234a124f01746477958b05101c7dd
bc1887e3481a05350645d217e67b2095daddfc37dfa4a7fe1042f9934b7a007c
bc9f94672474b5de1b97483bd55200ffc418aa413b2c7dc119b1ff9dbd368695
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c36212a9f246a9e5b25d86c5df839302435bc23f527ea7649b75e223f080ed11
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
ca8912d156188fe98bd0c2b0028df379e9c414975a4742aa98a644ee76e048e8
ca8f5b527f7b05cc197be6a570581130a8c18cbb7fc102c5818cce3fa7a199b5
cbd10cb21b369754d1ee913922c1e56e43568dc82a513e3d8ff94c0883ca029a
cbe02aa76fac3236ba785f65834ca69bda89049848de74077dce32c9c6adc95d
cc4a4e57220edd8226ec13e560303de81fc6222356bd35df5cb4ebbfbbe1c289
ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526
cd7be141712bd08e101d53cbd4155c341cadb977a37e0cbb4d0adf17ad4a9c71
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d113270b0085beaea8236b480a8c85af4b7bc0447e32c8c6e081d729c0405a96
d1c59e1b38fa1204803f1d29be158886c25efb6fe42d02cfcd1643746249bf39
d2552b5a5b1d8d9b480866377443816318a135709b83b2e4009219d6dd082fcb
d27e325ac01eb2db9f69f39f1000c9a431bc4adb1e82c9c429c54eb3e0779281
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23
d63aa579bc22aae521900160eb59d7bbecb007d60a48c90c217ed00044be7470
d86c8d510fc7334badac90c7e5413bac08c068cb403e85f49e299c13895fe113
d86d85e17d07c9075a1ae3b3b0beddfefe5767845c5a312d6f72bc2d7ee5391c
d93020493ab455746716fd097c26728a1a85ab9533d51714020bf1c84b75d604
dc7375f568ea439c4f544ac6488b963a8d57d6cd65b0a8a551230d330e55483f
dd0f646bd06936974602e4d708317c3fb1b80de3dffc9b15cae499ff3112dad6
dd5a327cacc6d55aaf0fbd27f6c312e0dfeac90d75c625ef085d0b7cf076886c
dd90411ecf6224d7345468d42de92c9d6d8fcf687590b01b47593031cfe392e6
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df87dd4398d992cba646bc40217e27c5843b946250208fa21e09b4be3ebe7859
e0296240dbe3d57e6814971209a4f01f8bf824be562a48e4deeb5a9924680ec9
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e15da45d5cba0ab4632c82da75b5a2c19336715e3543f8a80d615937bfad60e6
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e432b5ad48c1acacf7359218e84c15a30768307b293f70b50a2b2891c312733c
e440e5b3c3ed7628536f43b299590e0695b040f78079a6622512389f5d2ffd9d
e4e093b5a1fae09afd7607e5b87fabd2b8b1e2901c191c6b9169a5811cbc00df
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ebe155ab5706a90a4ba62bdfbcc044a57dbf04b6389f6de9044779fb7968c436
ed02212bdc9d93554d8645301fb1b7123480302e0492e770bb43c8e13e7b75b5
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ee54ef1afbdc76b2fec5a8aa092fd0c220071a5b4ee412ebc7f123b86780d4c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd2b206db6071e9ce6f80eebef5e7161de7804ba2de18d29d80923651ac02db
f02199cfc7ce94ce104ad1fc23929de7109ef2b43a0043612e3c04016d1ad0ca
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa
f4dd3a8ec45cad68bcf5c67d59e5837725ca814880388a8976eca3c9c954ca35
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f73dba8fc6450d27bb6254d9b89aac743a6891a30b31a0cebada2473303b0388
f7e464dbae19da0d1dbc647186d3573cebb1b5bc384f0685494e8d2eb954cca6
faf6a88aa31dff0fa1d61fbcf1a1bdc1151b81157e830f9722d0dea7dcdf451d
fb1a61e7dae81abe461f7c8d4d09ec5bd2009ac94447971e585f7b120b021ae8
fc4e1dc7d53e2c420f2c5a533b24817327da6b172c15d2e30f796711207d0104
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fedc75dd4569afd0c848fbb9a9ee3353314db54eaa583b32b488b8e3f7a36ce0
ff3463f326af73ac0a2a4d2b900b0a5036910e01487f63e327314726133e83ad
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

www.matichonweekly.com Open in urlscan Pro 2606:4700:20::ac43:4b8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

381 Requests

98 %HTTPS

46 %IPv6

55 Domains

105 Subdomains

96 IPs

16 Countries

14829 kBTransfer

27858 kBSize

51 Cookies

24 Outgoing links

Page URL History

Redirected requests

381 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.matichonweekly.com Open in urlscan Pro
2606:4700:20::ac43:4b8a Public Scan

Screenshot
Live screenshot

Full Image

381
Requests

98 %
HTTPS

46 %
IPv6

55
Domains

105
Subdomains

96
IPs

16
Countries

14829 kB
Transfer

27858 kB
Size

51
Cookies

381 HTTP transactions
17 data transactions