cnvyl.katerionews.com Open in urlscan Pro
2606:4700:3030::6815:46c3 Public Scan

URL: https://katerionews.com/latest-news/
Title: Latest News

URL: https://katerionews.com/latest-news/world/
Title: World

URL: https://katerionews.com/latest-news/sports/
Title: Sports

URL: https://katerionews.com/latest-news/science-technology/
Title: Science & Technology

URL: https://katerionews.com/latest-news/lifestyle/
Title: Lifestyle

URL: https://katerionews.com/latest-news/entertainment/
Title: Entertainment

URL: https://katerionews.com/military-aircraft-experiment-spotted-at-chicago-ohare-strange-evidence-science-channel/

URL: https://katerionews.com/2023/01/24/
Title: January 24, 2023

URL: https://katerionews.com/author/admin556/
Title: admin

URL: https://katerionews.com/military-aircraft-experiment-spotted-at-chicago-ohare-strange-evidence-science-channel/#respond
Title: 0

URL: https://katerionews.com/apple-mac-studio-vs-mac-mini-m1-2000-vs-700-mac/

URL: https://katerionews.com/apple-mac-studio-vs-mac-mini-m1-2000-vs-700-mac/#respond
Title: 0

URL: https://katerionews.com/founder-fireside-clubhouse/

URL: https://katerionews.com/founder-fireside-clubhouse/#respond
Title: 0

URL: https://katerionews.com/negotiating-your-first-term-sheet/

URL: https://katerionews.com/2023/01/23/
Title: January 23, 2023

URL: https://katerionews.com/negotiating-your-first-term-sheet/#respond
Title: 0

URL: https://katerionews.com/1more-evo-audiophile-grade-anc-true-wireless-earbuds/

URL: https://katerionews.com/1more-evo-audiophile-grade-anc-true-wireless-earbuds/#respond
Title: 0

URL: https://katerionews.com/can-one-survive-the-third-story-jump-from-the-show-burn-notice-mythbusters-science-channel/

URL: https://katerionews.com/can-one-survive-the-third-story-jump-from-the-show-burn-notice-mythbusters-science-channel/#respond
Title: 0

URL: https://wordpress.org/
Title: Proudly powered by WordPress

URL: https://www.acmethemes.com/
Title: Acme Themes

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://waaw.ac/f/1eZisRF9BgAt Page URL
https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D Page URL
https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 150

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=10&pid=59c9148628a0612da3689288&key=MsrZK4wmEfES&ev=1&us_privacy=1---&pid=562704

Request Chain 151

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=undefined HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=692e3d37c25f57d0a8a3db45d3b95&_fw_gdpr=1&_fw_gdpr_consent=undefined

Request Chain 153

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=undefined&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=200&key=OPTOUT

Request Chain 158

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=undefined&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=56&pid=59c9148628a0612da3689288&key=91d46104-5636-45c5-8ab8-aa3bcdfcb072&gdpr_consent=undefined&gdpr=1

Request Chain 203

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 204

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 209

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=4201403600601124566

Request Chain 210

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=GoJyARZH6Xn4BzGtRpyo-naX

Request Chain 212

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1683804616906 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=8155331897 HTTP 302
https://sync.1rx.io/usersync/turn/7739819000531172984?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-feca3cfb-0f10-4144-b02e-938a1d1b0c94-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-feca3cfb-0f10-4144-b02e-938a1d1b0c94-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-feca3cfb-0f10-4144-b02e-938a1d1b0c94-003

Request Chain 213

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5109685627561611451

Request Chain 215

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=1c17496e-d55e-45d8-8ec0-bbefa5fc7ad6&gdpr=0&gdpr_consent=&us_privacy=1YN-

Request Chain 216

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-ANR.1zJE2uHLOnJADwS7PNix_vIlk73ZHhflGGc-~A

Request Chain 217

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-e73015e6-19e9-3fd2-ab45-fc3f57282943

Request Chain 218

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-ANR.1zJE2uHLOnJADwS7PNix_vIlk73ZHhflGGc-~A

Request Chain 220

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 241

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZFzRyI9ru5Ldq7LfjkJipgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAkPn2SQX_j6Lb9dawYiuZ4&google_cver=1

Request Chain 242

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 243

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFmiLphDgyKwi5Tp4TYnG9g&google_cver=1

Request Chain 246

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4201403600601124566

Request Chain 247

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=91d46104-5636-45c5-8ab8-aa3bcdfcb072&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 248

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 251

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=4201403600601124566

Request Chain 252

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_85505070-4616-4c38-813f-8c64a36256f5&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_85505070-4616-4c38-813f-8c64a36256f5&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=0b30b107-303d-46e1-acdd-60b81b6630a7&ssp=gumgum2 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=21b83d42-9e35-4995-a546-914ee588db19&gdpr=&gdpr_consent=&us_privacy=

Request Chain 253

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-6ba00f39-46d7-51bb-6830-19a07e155b29$ip$178.162.209.136

Request Chain 254

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_85505070-4616-4c38-813f-8c64a36256f5&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=tWiDGT3hlmuFa6J7iKzU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25CXNFCEOVBTNBWG25KGME3EUN3JJN5FKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25CXNFCEOVBTNBWG25KGME3EUN3JJN5FKJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=tWiDGT3hlmuFa6J7iKzU&us_privacy=1---

Request Chain 255

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=THEvlCqarLK0&ev=1&pid=558355

Request Chain 256

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28pW-MOWezLb817qJGAISN4SAFDk9qmQpLbHe1Kpp2sbvlFmuBrbr7DnHwTroCzzLp%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28pW-MOWezLb817qJGAISN4SAFDk9qmQpLbHe1Kpp2sbvlFmuBrbr7DnHwTroCzzLp%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_85505070-4616-4c38-813f-8c64a36256f5&obuid=ENC(pW-MOWezLb817qJGAISN4SAFDk9qmQpLbHe1Kpp2sbvlFmuBrbr7DnHwTroCzzLp) HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=$D&initiator=platform HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=$D&initiator=platform HTTP 302
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=d14525fd-5910-4da6-8614-83b355d8823b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 257

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=fcdaab1a-8e9e-496e-8988-41f561cc1d2a

Request Chain 258

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-yR2GyVhE2pc4T6ZrOlFlZhZBo96IhVEXOvZn~A

Request Chain 259

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=ee959771-0b34-4f65-b6b4-f96b75170fb1

Request Chain 260

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

Request Chain 262

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=8e91fa3c-fec9-41d3-89dd-f62498c9dc94

Request Chain 263

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=6177750915998741045

Request Chain 273

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177750915998741045&gdpr=0&gdpr_consent=

Request Chain 278

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=44c9645c-d1c9-4400-9be2-bf913998f9a9&gdpr=0&gdpr_consent=

Request Chain 279

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZFzRyQAJOUKy_gBL HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZFzRyQAJOUKy_gBL&gdpr=0&gdpr_consent=&_test=ZFzRyQAJOUKy_gBL

Request Chain 281

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZFzRycCo8XUAAHzuVAEAAAAA

Request Chain 282

https://cs.admanmedia.com/sync/gumgum?puid=e_85505070-4616-4c38-813f-8c64a36256f5&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=aad&i=cfa1c989-c1c4-4293-93d5-41ee6b9de28c

Request Chain 284

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=B712TKm6GeB0l8YSZZ6K&pi=gumgum&tc=1

Request Chain 285

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 320

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDZzjQr7dzgM-Jei_gBZFOA&google_cver=1&google_push=ATf1kGOIaWr0KUV43C9CVSH6Nexrk73owavPtFj1ov2CYmKVZ_Aurywe1NkO00oY_850fefWf9SwzffYjy7Qmn_y-wGWS7Y9zK97nk8iXixYdm40AStqcP-E7iyKFEzu3u8fe5kPA12wI1e0dTERyRlN9kVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKMVNMU04tMy1FN05N&google_push=ATf1kGOIaWr0KUV43C9CVSH6Nexrk73owavPtFj1ov2CYmKVZ_Aurywe1NkO00oY_850fefWf9SwzffYjy7Qmn_y-wGWS7Y9zK97nk8iXixYdm40AStqcP-E7iyKFEzu3u8fe5kPA12wI1e0dTERyRlN9kVA

Request Chain 321

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOxTxwpHyyqyFhgqXN--YQs&google_cver=1&google_push=ATf1kGPHFwe_L-tOyw3a3aGUmUEAz_3Gc04bM1XVHPaKFLFphGYdlAtpRNUdEe0J32xznhQXNXejylqgndy0pHVUXDYKv5MmVp1MV-vkGsFj1CalUpugC7d9w4ILCmdHG3zg802WyPC0FPuQehmp7yADpBG3 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPHFwe_L-tOyw3a3aGUmUEAz_3Gc04bM1XVHPaKFLFphGYdlAtpRNUdEe0J32xznhQXNXejylqgndy0pHVUXDYKv5MmVp1MV-vkGsFj1CalUpugC7d9w4ILCmdHG3zg802WyPC0FPuQehmp7yADpBG3&google_hm=GoJyARZH6Xn4BzGtRpyo-naX

Request Chain 322

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFC9HfWVyiC4KBIBm-R8_RE&google_cver=1&google_push=ATf1kGMA3bk1rYPSEtf4HX5AGEoJmRcX5VuxpTM723DbwTpD0qnvEG03Zof6a0R08XhzCZTYRI7GAlIPCntU1NlICcQw_3IrZJgWUus4BAaSOX7nUmDhRyH-dHprBorPcF8bPz0vQgCFlvZq5hhnPpyECaFM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMA3bk1rYPSEtf4HX5AGEoJmRcX5VuxpTM723DbwTpD0qnvEG03Zof6a0R08XhzCZTYRI7GAlIPCntU1NlICcQw_3IrZJgWUus4BAaSOX7nUmDhRyH-dHprBorPcF8bPz0vQgCFlvZq5hhnPpyECaFM HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 335

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 344

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WDRYQABuRxG0t_AwlXuqxw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WDRYQABuRxG0t_AwlXuqxw

Request Chain 345

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Request Chain 347

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAf4RUTHAif-UeETTOV-9rs&google_cver=1

Request Chain 348

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1 HTTP 302
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=KbmSfgou5Moi5HBA2CTzJYXsnMZhMiGdLdsvN9R-tmQ

Request Chain 350

https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4201403600601124566&expires=30

Request Chain 430

https://marazma.com/load HTTP 302
https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420

Request Chain 445

https://mc.yandex.ru/watch/90175160?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D962215149&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1363909227936%3Ahid%3A281849956%3Az%3A0%3Ai%3A20230511113019%3Aet%3A1683804619%3Ac%3A1%3Arn%3A135239553%3Arqn%3A1%3Au%3A1683804619991603999%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A9%2C17%2C78%2C0%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C120%3Aco%3A0%3Acpf%3A1%3Ans%3A1683804618165%3Arqnl%3A1%3Ast%3A1683804619%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D962215149&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1363909227936%3Ahid%3A281849956%3Az%3A0%3Ai%3A20230511113019%3Aet%3A1683804619%3Ac%3A1%3Arn%3A135239553%3Arqn%3A1%3Au%3A1683804619991603999%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A9%2C17%2C78%2C0%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C120%3Aco%3A0%3Acpf%3A1%3Ans%3A1683804618165%3Arqnl%3A1%3Ast%3A1683804619%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 453

https://gum.criteo.com/sid/json?origin=publishertag&domain=katerionews.com&sn=ChromeSyncframe&so=0&topUrl=cnvyl.katerionews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=gDGaw3xKREh3d3FHSlFXNThSSkpRNkdHZGh4cVBFVVp6V0hVNTBpTUl2VVMyYzVGZjIyN2dVT3ZwRjQ1RkwvaW9QbWtxNjZ5cHllS1E4K3BSU0xQVTArNFZPS2FWSlZaMCsxblJ4UlVvQWQvS01QN2hxeExobDBXdkJhTHNhbzAwM3FPbDQ2R3BwaVlxbVcxWjhDdWZYbGpPeDFyV1RTZk9Db1orRW9XaTBJN2dOem92Und2R0NDaG5CWWJ1TmdRbTVmTGs3ZEtMMDh5bzJTbFJiQ2xPQ0dHWjhFcDk2SS84V2hlbUYraG5RTUYreExhMzU0RFNjeGJueGxPUGJsS2NaZVRENUpOVExkVzZiNGpmSXhtdFBMNVh1T2tXTmE1TFY2ZCsrd1QrVy9hNEx4bz18&cppv=2

Request Chain 462

https://counter.yadro.ru/hit?rhttps%3A//waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fhttp_referer%3Dhttps%253A%252F%252Fwaaw.ac%252Ff%252F1eZisRF9BgAt%26embed_from%3Dembed_from;s1600*1200*24;uhttps%3A//waaw.ac/player/embed_player.php%3Fvpn%3D1%26vid%3D1;0.437557525604215 HTTP 302
https://counter.yadro.ru/hit?q;rhttps%3A//waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fhttp_referer%3Dhttps%253A%252F%252Fwaaw.ac%252Ff%252F1eZisRF9BgAt%26embed_from%3Dembed_from;s1600*1200*24;uhttps%3A//waaw.ac/player/embed_player.php%3Fvpn%3D1%26vid%3D1;0.437557525604215

Request Chain 466

https://mc.yandex.com/watch/54046198?wmode=7&page-url=https%3A%2F%2Fwaaw.ac%2Fplayer%2Fembed_player.php%3Fvpn%3D1%26vid%3D1&page-ref=https%3A%2F%2Fwaaw.ac%2Fe%2FVDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fhttp_referer%3Dhttps%253A%252F%252Fwaaw.ac%252Ff%252F1eZisRF9BgAt%26embed_from%3Dembed_from&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A3080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1301802836572%3Ahid%3A820546722%3Az%3A0%3Ai%3A20230511113023%3Aet%3A1683804623%3Ac%3A1%3Arn%3A613443198%3Arqn%3A1%3Au%3A1683804623663257879%3Aw%3A1170x760%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C652%2C25%2C1%2C0%2C%2C3723%2C1%2C5904%2C5904%2C0%2C4403%3Aco%3A0%3Acpf%3A1%3Ans%3A1683804613691%3Arqnl%3A1%3Ast%3A1683804623%3At%3AVideo%20player&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/54046198/1?wmode=7&page-url=https%3A%2F%2Fwaaw.ac%2Fplayer%2Fembed_player.php%3Fvpn%3D1%26vid%3D1&page-ref=https%3A%2F%2Fwaaw.ac%2Fe%2FVDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fhttp_referer%3Dhttps%253A%252F%252Fwaaw.ac%252Ff%252F1eZisRF9BgAt%26embed_from%3Dembed_from&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A3080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1301802836572%3Ahid%3A820546722%3Az%3A0%3Ai%3A20230511113023%3Aet%3A1683804623%3Ac%3A1%3Arn%3A613443198%3Arqn%3A1%3Au%3A1683804623663257879%3Aw%3A1170x760%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C652%2C25%2C1%2C0%2C%2C3723%2C1%2C5904%2C5904%2C0%2C4403%3Aco%3A0%3Acpf%3A1%3Ans%3A1683804613691%3Arqnl%3A1%3Ast%3A1683804623%3At%3AVideo%20player&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 479

https://gum.criteo.com/sid/json?origin=publishertag&domain=katerionews.com&sn=ChromeSyncframe&so=3&topUrl=cnvyl.katerionews.com&bundle=bhBj719Kc0JvQ01qRkxIamRrd2Z0djJ3cFNoUjVzaWpiaUNHJTJCQ0tvSWhiZGIlMkZYamJXYiUyRlFlVENHbVlSbmZpd2pma1laVk0yZk5mbXBraG0zR0hKdlNUNXNSSGN4d21BNGNyZjZEYVloRW9qUEZKRVhQU2t6TGs2cEtaVkdEWlVxRW1DcnF3Snlzbmk4c29WZWRzQ3klMkJDdGdsQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jkaygHxucmlKa1dsR1pyRUV1Y2tIMjBoNkZ2SlNJaTE2a3Jkazk0Um1uZnJyc0Fkc3M3VE9XaS9pRkg5YnNLZUhUWERMVEhRcHFmcURMQkoydmZDNmRwM1hJZEVheUlON1EvTjNDOVdDbGJqS0FVK3V2QmdnTVY1R0hlR05GelF6TmZLcDI3eHgrZkg2WUpRckxlV3BTaVZFUXZqRFozRFFxNlUyWkU1Q2VPdm8xOEhyN05McUs0RzJCajNmdFpXNndjNlVUZUhKR1NzaDNMTVY5MTBHcWtzcm1jRkRRS1FBSkc1UFJuUTBqZGVBenV4RnFKalQySDB2cFNuaVFDRlZiYzV1Uzc3TnRFemppRzBGUzVOc3hYb1pEOXBxSTU4S3dxdGw1c3NGbTJhN3N1Zz18&cppv=2

481 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 1eZisRF9BgAt
waaw.ac/f/ 14 KB
5 KB 82ms
32ms Document
text/html 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://waaw.ac/f/1eZisRF9BgAt

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 11 May 2023 11:30:11 GMT
expires: Thu, 11 May 2023 11:31:11 GMT
server: Google Frontend
vary: Accept-Encoding
x-cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-cache-status-inferno: EXPIRED
x-content-type-options: nosniff
x-inferno-limit-req: PASSED
x-inferno-location: player
x-origin-location: player
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection: 1; mode=block;

GET
H2 200 watch_video.php
waaw.ac/ 14 KB
5 KB 33ms
33ms Document
text/html 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D

Requested by

Host: waaw.ac
URL: https://waaw.ac/f/1eZisRF9BgAt

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://waaw.ac/f/1eZisRF9BgAt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 11 May 2023 11:30:11 GMT
expires: Thu, 11 May 2023 11:31:11 GMT
server: Google Frontend
vary: Accept-Encoding
x-cache-status-inferno: MISS
x-content-type-options: nosniff
x-inferno-limit-req: PASSED
x-inferno-location: player
x-origin-location: player
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection: 1; mode=block;

GET
H2 200 main.css
waaw.ac/styles/cbv2new/theme/ 82 KB
21 KB 15ms
14ms Stylesheet
text/css 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/styles/cbv2new/theme/main.css?232
Requested by: Host: waaw.ac
URL: https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:11 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Sat, 26 Mar 2022 09:09:58 GMT
server: Google Frontend
etag: W/"623ed866-148e9"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 jquery-eu-cookie-law-popup.css
waaw.ac/styles/global/ 2 KB
1006 B 21ms
20ms Stylesheet
text/css 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/styles/global/jquery-eu-cookie-law-popup.css
Requested by: Host: waaw.ac
URL: https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:11 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Sat, 11 Mar 2017 18:53:53 GMT
server: Google Frontend
etag: W/"58c447c1-79f"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 view_channel.css
waaw.ac/styles/cbv2new/theme/ 2 KB
1 KB 21ms
21ms Stylesheet
text/css 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/styles/cbv2new/theme/view_channel.css
Requested by: Host: waaw.ac
URL: https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:11 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Tue, 19 Feb 2013 18:42:58 GMT
server: Google Frontend
etag: W/"5123c7b2-93b"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 rating.css
waaw.ac/styles/cbv2new/theme/ 4 KB
2 KB 22ms
21ms Stylesheet
text/css 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/styles/cbv2new/theme/rating.css
Requested by: Host: waaw.ac
URL: https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:11 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Sat, 07 Sep 2013 15:43:21 GMT
server: Google Frontend
etag: W/"522b4999-fbe"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 jquery.min.js
unpkg.com/jquery@2.2.4/dist/ 84 KB
31 KB 38ms
20ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/jquery@2.2.4/dist/jquery.min.js

Requested by

Host: waaw.ac
URL: https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://waaw.ac/
Origin: https://waaw.ac
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11002166
last-modified: Fri, 20 May 2016 17:24:42 GMT
fly-request-id: 01GNXCQ8W8ZEADCK3ZJEZ6B604-fra
server: cloudflare
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c5a16a89acf2c51-FRA

GET
H2 200 Primary Request / Show response
cnvyl.katerionews.com/hot-news/ 71 KB
11 KB 185ms
140ms Document
text/html 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Requested by: Host: waaw.ac
URL: https://waaw.ac/watch_video.php?v=Sm9tazRLM0NoZEk5cGwyS3c3K1JsQzAycXhnU3pYeDRwMUNyeHV5UmhvK0wrZDE5eW5ZdGN3UkY0WGpOdXVPVQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e7065b985686ecad42fcd6bfc5a56e3b9201fa2b055355298e9b70e38387c58

Request headers

Referer: https://waaw.ac/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7c5a16a92c422bcd-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 11 May 2023 11:30:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6x4ZZAEnN3gr84hTYB%2FVQVJHO74EJ3n1Qg16ObyBpjRz0ndT0xSCyn%2FpfgZCpy7M8KEtaC%2B9A%2FjebNw%2BLlcVH%2BYpUNjUs%2F2aVDZDYh%2BCeHebFp9Gor5WmFutvN5NQ0k89o0Ol3pPTDQlhySK5Fm%2F1iZhu8U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
katerionews.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 37ms
27ms Stylesheet
text/css 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 19:41:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775462
etag: W/"644acfea-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLEdQfuDeGEzrAodTzxGI%2FLZ0t%2F3Si93nhZ3SQWMF%2BLTzV29JpzYTuUI7MGueFBSO6vpYzKgvd0B%2Bt8ilJz7lEsVI7MWt1mW2RelFaVxC8q%2FxNCQsG7JTOZDPmiY9Uqi5XllCEBMXxlLdJl8NKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7c5a16aa1dbd2bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:05:50 GMT

GET
H2 200 classic-themes.min.css
katerionews.com/wp-includes/css/ 291 B
498 B 29ms
19ms Stylesheet
text/css 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 19:41:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"644acfea-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lT%2BA3ngfl%2BSAzoHruxzCJFiJmdbn%2FHJIjLRjfvOr2l8dQcwbQ3nwEfg9D%2Fk5tVW3bK5vJl69gXOaRFR0BTPHqVMfnjoeXH4rrnp2gdI%2Bjoad2lnu9l32Bx1SVKdjquhpZLC1cAJ2n2SUZ16AUHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7c5a16aa1dbc2bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 wpautoterms.css
katerionews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 547 B
485 B 28ms
19ms Stylesheet
text/css 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=6.1.1
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Jan 2023 11:35:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"63c92b0f-223"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MHI9fMfZtKWeFM7HagtRKg49f7ye08Gt9yZPiiOOa9baCXEsjG2StZrdu5IjVQv7fkskAq569HIkNIjAm9MB3au%2Ff%2F5U%2F3dNJCSlSivxnAcG9kkFnBN1R%2BgTBPVW%2BXntofLQyi9sNT5%2BjOkLUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7c5a16aa1dc92bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 styles.css
katerionews.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 27ms
18ms Stylesheet
text/css 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 19:41:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"644acfcd-b2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER4kwyIYXHCg5Hmh%2BiPzrgEKVqqH%2FUY7oCyVS6mdPw4HEAqwDjrdgOyK2pY4WSW9bHC24AMfJQ8H2pPmHozU6s8tk%2B5oFsuiSYmgLo2vfK0OUoYDBNNlBZs5q1qS2oJP9mn1bXcb%2B1a%2FLc4qehc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7c5a16aa1dc22bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 style-frontend-pro.1.20.2.css
katerionews.com/wp-content/plugins/social-pug/assets/dist/ 0
341 B 27ms
17ms Stylesheet
text/css 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/plugins/social-pug/assets/dist/style-frontend-pro.1.20.2.css?ver=1.20.2
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775552
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Tue, 21 Mar 2023 20:25:18 GMT
server: cloudflare
etag: "641a12ae-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYDUzNMXKt3nAUUQWkNhCr9dx0Z1nGSqltu%2BAAIoNjqkFo%2BA6K8YggnnARm%2FxGifdO3E497LAxKK77iOuneeGBDjhVkISw8mn%2F4h%2BQRc%2FZWSZ4xcr4awSOfEPOr86glSCGdOJqtzf1Ke9TDYNKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c5a16aa1dc52bcd-FRA
expires: Thu, 01 Jun 2023 12:04:20 GMT

GET
H2 200 jquery.bxslider.min.css
katerionews.com/wp-content/themes/supermag/assets/library/bxslider/css/ 2 KB
928 B 28ms
18ms Stylesheet
text/css 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/themes/supermag/assets/library/bxslider/css/jquery.bxslider.min.css?ver=4.2.5
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 392d77cffdff39dc3f1a1b0f8f75dc53a84b0329bdb9d43908ead698ed004e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 05 Feb 2022 11:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"61fe60e2-8a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utcuI0UWQWTDtETR5aL1EHGdBTRLFNPsqxHo5WeEeVIVZJv%2BOWtoMG4q4%2FWkaF5e22zquc5LsMGwXehSx5xOJTveCfkcHaloH%2Bpj753DypQmXfMz%2FqHZKju7jTsn0%2FwwoqvEUv8jnJCp%2Bfz36RY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7c5a16aa1dbf2bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 89ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A600%2C400%7CRoboto%3A300italic%2C400%2C500%2C700&ver=1.0.1

Requested by

Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20b608e9acc2503aa48a61182c4ccac4b95be292e5df01776dc1b61012e30c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 May 2023 11:15:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 May 2023 11:30:12 GMT

GET
H2 200 font-awesome.min.css
cnvyl.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/css/ 30 KB
7 KB 25ms
22ms Stylesheet
text/css 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cnvyl.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 05 Feb 2022 11:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123233
etag: W/"61fe60e2-791c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Btg2tpMFy%2BczHqkI90QeXSaZfIOstASl7xwkOfLqcl%2FbpegUqbcu%2F6I%2FWPPOpFkBMuxDbOZ2UQ7DTy%2BD8u8hRMnOX0A1r3W1Y2UKvt5h9FWNa8Tf3ISCD4qwKszd9BS4mEGSCzZapiYLxG0xpvzAoOH83A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7c5a16aa0db02bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 09 Jun 2023 01:16:19 GMT

GET
H2 200 style.css
katerionews.com/wp-content/themes/supermag/ 48 KB
11 KB 29ms
20ms Stylesheet
text/css 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/themes/supermag/style.css?ver=1.4.9
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ffcaf1952587ab361109eaa43bfc5d1cb964cc5f639f5487eef6101daafaff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 05 Feb 2022 11:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"61fe60e2-c043"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uO1zwSX%2F4tRDiSOt4XGYqE9%2BWNx4xDj69SCSQJwi5X%2BHahBPemgHVdFSEmb9P8fuwT7UofDbp823PplNfvWdAGJ7JKt4Yc3bFEjC4uUlD3fS8PPNW0b0f1fJ%2BjiL43YuNkzGM8Mf3kds4dFJCKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7c5a16aa1dc82bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 gutenberg-front.css
katerionews.com/wp-content/themes/supermag/acmethemes/gutenberg/ 1 KB
694 B 30ms
21ms Stylesheet
text/css 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/themes/supermag/acmethemes/gutenberg/gutenberg-front.css?ver=1.0
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f759732212e67ffa0b6e9b3a2107d4e4b37adfc249f02d5247013a1533283a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 05 Feb 2022 11:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"61fe60e2-47f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYyKWLHiTM2LWszKxiPy5f7RMZVqSeH5J14h%2Bw5Ykl7AOg5fS6PfUdUcuY1HBAiBlJ9uBk5lx5SpXCZw%2BFivxRzRdbHBIRtvp%2BPwGdL%2FtDGgZdp6vwSgsKonu6bgJP6PC1MQRb79oNibQpOBeWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7c5a16aa1dc72bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 jquery.min.js Show response
katerionews.com/wp-includes/js/jquery/ 88 KB
32 KB 37ms
28ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 19:41:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775545
etag: W/"644acfea-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2bMdB8ouSomjhGZEoMJQ%2B5hssQYKwXpQKrrrwZDIptnt4%2FjxfcdZkHn09zSkhjn%2FZfikBilYpc6gPZOh2U1%2B0659d5Sx7snGOGJMhnu%2F6n9vll%2Fit70iDu%2Fuq9Rti%2FMy5%2B3TWAzSENwzj9OLoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aa1dca2bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:04:27 GMT

GET
H2 200 jquery-migrate.min.js Show response
katerionews.com/wp-includes/js/jquery/ 13 KB
5 KB 44ms
35ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 19:41:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775462
etag: W/"644acfea-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4WwaDytTgI5xarXay%2F6IkC5x5qETs8F2CUyVLk1VX%2FZQElW3yVVzV2gdLojjHH%2BrjxBiLW89HPXTtTxlPhx98TKgja2b98hWL12YvKwG9J5LW6XCmwHMcxwFyuBP%2BD7LVil0%2F3PF5tGRtfeGX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aa2dd22bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:05:50 GMT

GET
H2 200 regenerator-runtime.min.js Show response
katerionews.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 45ms
36ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 19:41:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"644acfea-19cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ic6aB5hzERdTv2XL6Dgh9rLlkMGR%2F3PE0np4UKnec6P9KPEK2mKo6VVzOfEWwIM%2FoeE5oCIkOyxrS3%2BRx8f14hi6MPkO4n0umFLD3UVJ42UO92MZJUfv3PgdfnGpcXLp2%2BIjHo28FX6KLuwmQbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aa2dd02bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 wp-polyfill.min.js Show response
katerionews.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 35ms
26ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"6329dfa1-459f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJlXZGtcd%2Fwnx8xY6%2FKs7%2BBeiD0BawjuIVqeTZoDKMy3sjOMQOBFoQsXbslLWoRjx4JYYBsuZu5m03Sf5C6awUpFuSkT7K0fPf2P%2FKQimCh2nHBFd8WMj14uRN333D1RwXp0MOX75p6%2FD%2BSnhEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aa2dce2bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 dom-ready.min.js Show response
katerionews.com/wp-includes/js/dist/ 498 B
626 B 29ms
20ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"6254194e-1f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwQ8E7uAInIzZ2wiLFiA8AP%2BMjeFdPrtIiV1ds%2B1PEJeqJp%2FRSe3wuuBTu2zZOj6%2FFnqduvjOPBhbfO7ey4Ze41I%2BCeAJ%2B6v1ZXietR3hVSqnaMGx6Ukkk0kmIZM5%2BXENUFubTZIXj1jhI5sK%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aa2dcf2bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 base.js Show response
katerionews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 720 B
596 B 36ms
27ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.5.0
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Jan 2023 11:35:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"63c92b0f-2d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQWkRPM19r9KksUd0kef1RAgvI82v0U564REe7uVjSQHBKzo9JWzzkeo3FLXSnKlxtCoxUPFy8r3sYLxe%2FK97uxg3FfluhiqD5M6ORg6b2pMbD3v6%2FEXAt11Q%2Fslh3uYB0PBxwKtt6RIZA%2F3eEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aa2dd32bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 notbot.js Show response
katerionews.com/wp-content/plugins/wp-simple-firewall/resources/js/shield/ 5 KB
2 KB 34ms
25ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/plugins/wp-simple-firewall/resources/js/shield/notbot.js?ver=16.1.14&mtime=1674128137
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4865394c997ec6daa7530ce6d4e6c21e149a09d8d7058f0ffcc7a7771e36a6e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 19:41:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"644acfd6-14cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7XRx2HJOIpmc1xMoUbstymkczdlkuO%2Fhc0qMQzVZsnRjXpu5vjXkDtvII0OEbfbCgJJ3QtBJwSwtCzZ6v7wfmpoLXq2nV298aQcuM3fyyL5C9LleEXmzWLnYQrIOLLq9ESUCWd5ZSmmHPatc2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aa2dcd2bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 loginbot.js Show response
katerionews.com/wp-content/plugins/wp-simple-firewall/resources/js/shield/ 3 KB
1 KB 28ms
19ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/plugins/wp-simple-firewall/resources/js/shield/loginbot.js?ver=16.1.14&mtime=1674128137
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 474776eb17d0e4ca038f4994076ede6f4017ecdf91eff0d3d074c3b7bb6a5a97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 19:41:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775382
etag: W/"644acfd6-c9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcDvBFgC%2BtiARDmyiabCU7YLL8fXu3CKN39BELBS6bDZVt1EFLGBIreNs56b8DUXIu0C1efL3isiaKYcCx5ziBPyRscGY3NW06UNi3aW%2FW5y0Ps7oB%2BNa6i3AfDki%2FemnYUMSo%2FeK3mD%2FScaHJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aa1dcb2bcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:07:10 GMT

GET
H2 200 katerionews.comhead.js Show response
jscdn.greeter.me/ 8 KB
8 KB 219ms
11ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/katerionews.comhead.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

226d63070977daaa2f82aad016a0207efaecfe2b818a4373b4675a0e1b5d0345

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Thu, 27 Apr 2023 08:24:42 GMT
x-amz-request-id: tx00000000000006bbb970d-00645ccc28-9655fbac-fra1b
etag: "aac2da2ccc3948c99a291016a946d45c"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1683804612.dop202.fr8.t,1683804612.cds149.fr8.hn,1683804612.cds257.fr8.c
content-type: text/javascript
cache-control: max-age=2164
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8319

GET
H2 200 katerionews.comdynamic.js Show response
jscdn.greeter.me/ 8 KB
8 KB 220ms
12ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/katerionews.comdynamic.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

531278a3ace8dcd7e7c86086a174d4779bd1c1042e51798e6801aad0cb96f766

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Thu, 27 Apr 2023 08:24:37 GMT
x-amz-request-id: tx00000000000006bbbb49c-00645ccc34-9655fbac-fra1b
etag: "601d8420986f3b5983088b1cbf6643fe"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1683804612.dop202.fr8.t,1683804612.cds149.fr8.hn,1683804612.cds002.fr8.c
content-type: text/javascript
cache-control: max-age=2176
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7915

GET
H2 200 tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c.js Show response
player.adipolosolutions.com/cdn/tags/ 37 KB
37 KB 63ms
17ms Script
text/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adipolosolutions.com/cdn/tags/tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c.js
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3c5eaeadeae2ed0bb83f2c5afa942cf6a48c5f6736e55bc85b65dfd99fe8e846

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 10:45:44 GMT
age: 2668
x-guploader-uploadid: ADPycdvh5wL-l-9mLtcm8PLwVjgQaiSvBxI1zF-TcTmRB-A2QBvTwT8nKrw3IRHEYxP-3AsdddOQO7Pphu4Vxi1E7CdHE1M2xojg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37619
last-modified: Wed, 10 May 2023 19:02:57 GMT
server: UploadServer
etag: "70a49420ce464d0851f17c84ce6f7200"
x-goog-generation: 1683745377074533
x-goog-hash: crc32c=G97Etw==, md5=cKSUIM5GTQhR8XyEzm9yAA==
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 37619
accept-ranges: bytes
content-type: text/javascript;charset=UTF-8

GET
H2 200 katerionews_com_27f21a7 Show response
tags.smilewanted.com/formats/corner-video/ 14 KB
5 KB 81ms
19ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 207578c5174cfaf4b8edbf49ce3e78e5f9f2bcb61b3d7f72235533b166a19de2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 11:26:20 GMT
server: cloudflare
age: 232
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7c5a16aa7ced362b-FRA

GET
H3 200 cropped-kn-1.png
katerionews.com/wp-content/uploads/2023/01/ 10 KB
10 KB 18ms
16ms Image
image/png 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://katerionews.com/wp-content/uploads/2023/01/cropped-kn-1.png
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3278dc214a7ce0f416b7cdcf436537508aa95be0b953bf98c9272fdac2fc9d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775552
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10027
last-modified: Thu, 19 Jan 2023 11:37:44 GMT
server: cloudflare
etag: "63c92b88-272b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vvmc%2BUfKyQLDahXw3QiK88sfnroQlbLokZdVksW%2B9hH6XFbllQvALGCuQFNloHXo61%2FxIMK1QMAcd%2Fp4FG%2FwK4bnyD6NgG3Nge5POQPS4N%2ByHWjLxvc5TE0GCAFHnrrS%2BQ3LpfKHW%2Bjde%2FxStUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c5a16aabe553aa2-FRA
expires: Thu, 01 Jun 2023 12:04:20 GMT

GET
H3 200 style.css
katerionews.com/wp-content/plugins//automatic-video-posts/public/assets/css/ 2 KB
1 KB 17ms
16ms Stylesheet
text/css 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/plugins//automatic-video-posts/public/assets/css/style.css?ver=5.2.7
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7bafa8c851ebd19002c6800701bad1729c46307ec72ef33ef8d6be928a8753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 12:36:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775552
etag: W/"615700d5-620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6Z7yu5sYNqrnhVYT%2FTzXqhKmvdWjQQATVJDVd0yE07RdQp%2FEtg5tW1NH8eZyuw28JiQjBdQBYsqfdmLQt0xv3LkQZAu105M7qYEqyvsXGj9kcq80m1d4DmzoPNWkp4%2FYQnlP%2F3Q4%2BbiRqGe35U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7c5a16aa9e0c3aa2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:04:20 GMT

GET
H3 200 index.js Show response
katerionews.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 19:41:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775552
etag: W/"644acfcd-2801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOkucplBt1LnGRNjJb3iUb1uMxl6oYx6%2FOhYyrQ4LEC%2BbUSQlcVTcvkTk31pxXqJSm1Q7LZ1D5RziYIlNA%2BehWIz%2F27w87xzh0pATPgkjY0KyxMnpX4GujqUFcx2ccePRP3YZ9sEn2EGzQsTwHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aa9e123aa2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:04:20 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
30 KB 63ms
16ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 18:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 18:06:49 GMT

GET
H3 200 index.js Show response
katerionews.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 25ms
23ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 19:41:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775552
etag: W/"644acfcd-328f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bx6Mz5fM6sUnrM78QPjXEAVWISswSfaH1kFaT8wT1kseaFEHJO0VvtztJsP59U2tC95sXal5n6XCSNGNM7suCcJkJEvtBOnejPVtQ4V%2FpnM5WV4fDh7X%2FSpk1dLSi8D5eRd%2BGuwFm6%2FCz7wMdIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aabe503aa2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:04:20 GMT

GET
H3 200 jquery.bxslider.js Show response
katerionews.com/wp-content/themes/supermag/assets/library/bxslider/js/ 66 KB
15 KB 24ms
22ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/themes/supermag/assets/library/bxslider/js/jquery.bxslider.js?ver=4.2.5.1.2
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5836e342b13c5e478c0587befc676af479166eefb14a1887f73783f2716cc31f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 05 Feb 2022 11:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775552
etag: W/"61fe60e2-1061b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4haVxPT5xwrtVJE5v%2FK0L0PRNp6jgmkijlj8C7URIck%2F5k6zmvXtrKm1h%2F9HPyh7NXwJj7MqIIW0jWacCUgYO%2B3dqLUx2R7tTGsrsQj4dwPLAglB950ztwr0SRw9ffqs%2FcQFTqcGsowKvphghJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aabe513aa2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:04:20 GMT

GET
H3 200 theia-sticky-sidebar.min.js Show response
katerionews.com/wp-content/themes/supermag/assets/library/theia-sticky-sidebar/ 5 KB
2 KB 18ms
16ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/themes/supermag/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.min.js?ver=1.7.0
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb242b5f299cd08ee579ad1b46e13cb235bb595dd10b03fab7dfadfc61103be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 05 Feb 2022 11:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775552
etag: W/"61fe60e2-1537"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7jLKfeEx15N8C2FJmaRtACKBYbd2jGzR0VyJPxsa1N%2FyVzAZh1Dn8FXQ3rsP9w3%2Bu1t39fQtAczOhYDUlvTSpjDS2Hgz5EV%2BgKdCC6XeFQVnVMHU8O6NFJvl57FyGq940u1KNyrJXvNINJVzJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aabe523aa2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:04:20 GMT

GET
H3 200 supermag-custom.js Show response
katerionews.com/wp-content/themes/supermag/assets/js/ 19 KB
5 KB 25ms
22ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/themes/supermag/assets/js/supermag-custom.js?ver=1.4.0
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7724e3d047bd094825f7e457996cb1f75a8fae6f99b38ae8a68baa65d667ed6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 05 Feb 2022 11:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775552
etag: W/"61fe60e2-4a73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDWVpXkiQ76PxDHdhVJstwnTfqHOPKYrxItHd6rz3C46N6DIj3i77gTb8TaZp%2BB17F0b7uukNNRBEol7ANyxS7hco3GPH3xHCDyIS0Mdh%2Fa6LpsCrql0COYtXUJNxS6Oo5iOBVYwXaqDiafUUPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aabe533aa2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:04:20 GMT

GET
H3 200 scripts.js Show response
katerionews.com/wp-content/plugins//automatic-video-posts/public/assets/js/ 2 KB
1 KB 30ms
27ms Script
application/javascript 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://katerionews.com/wp-content/plugins//automatic-video-posts/public/assets/js/scripts.js?ver=1.0
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3c474724239d651fa1cc6b85d69083ea4eb92237083e319ec4f29650bb94c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 12:36:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 775552
etag: W/"615700d5-6df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7l6xYXbQd7KARvmQEobqV2eWRSld7Ecv1MAgyENvqqs7qKB41drsQZikJ6lJDikQVjRIvKyQ5aFzNwXw3D8zNJEFEG%2BaUdoumk6N%2F7BCdlqkgKaxCZ8IIxjQ%2Bb9OGI7k8tA3JTShqo456xkVy0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7c5a16aabe543aa2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jun 2023 12:04:20 GMT

GET
H2 200 style.css
tags.smilewanted.com/formats/config_formats/corner-video/katerionews_com_27f21a7/ 5 KB
1 KB 43ms
40ms Stylesheet
text/css 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.smilewanted.com/formats/config_formats/corner-video/katerionews_com_27f21a7/style.css
Requested by: Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc407b6b3fbd5020ef439472c3adb6aab02e76066e1aa040d2f47ea6a5c4e77a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 11:26:20 GMT
server: cloudflare
age: 232
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=86400
cf-ray: 7c5a16aabd4b362b-FRA

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 360 KB
121 KB 103ms
53ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122883
x-xss-protection: 0
expires: Thu, 11 May 2023 11:30:12 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ Frame 26AD 0
579 B 123ms
44ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/275831643/pixel_dar_test&sz=1x1&t=sw_domain_name%3Dkaterionews_com_27f21a7&1683804612271

Requested by

Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 11:30:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
google-creative-id: -2
google-lineitem-id: -2
google-mediationgroup-id: -2
google-mediationtag-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST adcall.php
prebid.smilewanted.com/track/analytics/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 56ms
17ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A600%2C400%7CRoboto%3A300italic%2C400%2C500%2C700&ver=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cnvyl.katerionews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 452684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:45:28 GMT

GET
H2 200 VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09 Show response
waaw.ac/e/ Frame 383F 141 KB
40 KB 1055ms
1054ms Document
text/html 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

Google Frontend /

Resource Hash

62a221ed70d6ece65e0561c661f579a7bc2a3e38f78bb268cd793ce831f5a4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 11 May 2023 11:30:13 GMT
link: <//waaw.ac>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
pragma: no-cache
server: Google Frontend
vary: Accept-Encoding
x-cache-status-inferno: MISS
x-content-type-options: nosniff
x-inferno-limit-req: DELAYED
x-inferno-location: player
x-origin-location: player
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection: 1; mode=block;

GET
H3 200 fontawesome-webfont.woff2
cnvyl.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/fonts/ 75 KB
76 KB 16ms
16ms Font
font/woff2 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cnvyl.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/css/font-awesome.min.css?ver=4.7.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://cnvyl.katerionews.com/wp-content/themes/supermag/assets/library/Font-Awesome/css/font-awesome.min.css?ver=4.7.0
Origin: https://cnvyl.katerionews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Sat, 05 Feb 2022 11:34:58 GMT
server: cloudflare
etag: "61fe60e2-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N08v4UcmAdnODsTVwfadeuPAz8y%2B%2FeVL14FfntQGGBNHAFVEoJIgGYbzpNRpPEtbStlq7NA0OreKNbRNCU%2Bep4qBudCBoWgFsZDE1u8M7kYFP9UjUaMhutGPX6TvRKSFXXdyJ17Mx%2FeXeycMn034To6%2BeHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c5a16aade753aa2-FRA
expires: Fri, 09 Jun 2023 02:13:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 44ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A600%2C400%7CRoboto%3A300italic%2C400%2C500%2C700&ver=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cnvyl.katerionews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 451197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:10:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 67ms
36ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A600%2C400%7CRoboto%3A300italic%2C400%2C500%2C700&ver=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cnvyl.katerionews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 405109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 18:58:23 GMT

GET
H3 200 u4L21JI5AqA-649x365.jpg
katerionews.com/wp-content/uploads/2023/01/ 24 KB
24 KB 21ms
21ms Image
image/jpeg 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://katerionews.com/wp-content/uploads/2023/01/u4L21JI5AqA-649x365.jpg
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d88a09aa109b7bac1e729cd73e9272423b7e43d3c5af2fa3716c512f2f51d91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24574
last-modified: Tue, 24 Jan 2023 11:32:23 GMT
server: cloudflare
etag: "63cfc1c7-5ffe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGam8%2F18ypv2S2pP%2BlqHdPFkhYv0c%2FzEgz43tOc5goimF7Huuq%2B7xp%2F7ypV2Jipj3oEieSpmtsHR2F9aBEkmyChHW60n0s1tBG4bqwrIf5Z7L6%2F3UqMe5Ek9tAf9HnRsBFTu2w%2FF7d2EzviLlwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c5a16aaee8e3aa2-FRA
expires: Thu, 01 Jun 2023 12:04:21 GMT

GET
H3 200 sKAIdZf8A_g-649x365.jpg
katerionews.com/wp-content/uploads/2023/01/ 39 KB
39 KB 16ms
16ms Image
image/jpeg 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://katerionews.com/wp-content/uploads/2023/01/sKAIdZf8A_g-649x365.jpg
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc0db0297d1c3aebb37d57589a3a4173d57037d784a5e53435e6af47b226b3a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39622
last-modified: Tue, 24 Jan 2023 11:32:22 GMT
server: cloudflare
etag: "63cfc1c6-9ac6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceAhEk4Kjtv%2BtMpfd9BN%2FjNZt8vvqdsa5dTpG4Tv2Kn8AnAYujvX4X7uRzuE%2B0KiroFyy6iOIg2RqbwMVJT7Qaumfo375XOxyLuXut1Fs1phy%2BYOZCLYzYNVBOzAkAnAQEhafRFuICfeqasj23Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c5a16aaee903aa2-FRA
expires: Thu, 01 Jun 2023 12:04:20 GMT

GET
H3 200 7q-j87W5XgA.jpg
katerionews.com/wp-content/uploads/2023/01/ 31 KB
31 KB 23ms
22ms Image
image/jpeg 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://katerionews.com/wp-content/uploads/2023/01/7q-j87W5XgA.jpg
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b3d371d468b3c78f4f75bb0395c0335eba859ecb6c9a66c0b4a6f8002f5a1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31242
last-modified: Tue, 24 Jan 2023 11:32:19 GMT
server: cloudflare
etag: "63cfc1c3-7a0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdeGW8cQF%2B8LSE%2Fo81nobhqbDgR2Jc8ts5KCNBOGTP4DAcPqcp56xxp21YpTY%2BGRg9wk4nWlfF01uLPnoRM1r3uTWTDTdaM8jrK84moI%2BP7ODi4olU%2FBhCoM4z2MQThllnuKdOuTBIIDk054RGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c5a16aaee913aa2-FRA
expires: Thu, 01 Jun 2023 12:04:21 GMT

GET
H3 200 B0Jiu7ujCpE.jpg
katerionews.com/wp-content/uploads/2023/01/ 36 KB
37 KB 25ms
24ms Image
image/jpeg 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://katerionews.com/wp-content/uploads/2023/01/B0Jiu7ujCpE.jpg
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5624a88713c68344740b801d8dab70d5daf32d5c1636fa151197dd69839b7be3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36989
last-modified: Mon, 23 Jan 2023 23:32:17 GMT
server: cloudflare
etag: "63cf1901-907d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek6Tm5Q3ewxc7fgsZC87z31eCV4%2Bw2R%2FexzuAySv0cWpTu%2FcKWMofyjHCXksafrZGZ%2BIYayjFR%2Fms4oF3ywapbS2y0CWv5JJItk6M64EYwVPMRX13axApT0mtwedZSbChl1oXc4tG6jT8MEHMdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c5a16aaee923aa2-FRA
expires: Thu, 01 Jun 2023 12:04:21 GMT

GET
H3 200 MYuX_kCy1Jk-649x365.jpg
katerionews.com/wp-content/uploads/2023/01/ 34 KB
35 KB 29ms
29ms Image
image/jpeg 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://katerionews.com/wp-content/uploads/2023/01/MYuX_kCy1Jk-649x365.jpg
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032f68a2c878b1ddcf04bc6aee774a8ea165de501cf2e37b2a701ff7e01f6870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34869
last-modified: Mon, 23 Jan 2023 23:32:19 GMT
server: cloudflare
etag: "63cf1903-8835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoTQia%2B%2F4AkBngQ%2BvMtldvuZwaCZSs5aCjhhBIZPClm3voQe92C01ZOxeR7r13uv9m4Cx3HlafrG9Mi3we4IvcekYtxnRRfgmnn2nm5AdnD2enQdO4Zn6u%2FqnLOU051SiL2aE9EvKcsN5yoKzMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c5a16aaee943aa2-FRA
expires: Thu, 01 Jun 2023 12:04:21 GMT

GET
H3 200 TRsDnG7NXDs-649x365.jpg
katerionews.com/wp-content/uploads/2023/01/ 33 KB
33 KB 31ms
31ms Image
image/jpeg 2606:4700:3030::6815:46c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://katerionews.com/wp-content/uploads/2023/01/TRsDnG7NXDs-649x365.jpg
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:46c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5c27d0d4f88d0ad490f3a92e9d7c387987952eb7e713d150208a4af31a45ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33706
last-modified: Mon, 23 Jan 2023 23:32:20 GMT
server: cloudflare
etag: "63cf1904-83aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JHhtEAo67WB%2FsXn7rUe00yRW5cReKwo4ibCffdCeAJcK6DFGRaEXiT2GTw5onzBmoCLbpIPVlDAYC8zD5HKg4cPm%2FY5fnNZP25MYjtKDL1pu8B88f5sv9DlZ9qSU4LZU2yn%2B5dq%2BIZk08XsaiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c5a16aaee963aa2-FRA
expires: Thu, 01 Jun 2023 12:04:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
643 B 29ms
27ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/config_formats/corner-video/katerionews_com_27f21a7/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 May 2023 10:37:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 May 2023 11:30:12 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 37ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/config_formats/corner-video/katerionews_com_27f21a7/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 May 2023 11:30:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 May 2023 11:30:12 GMT

GET
H2 204 /
track-selectmedia.com/trackv4/ 0
418 B 187ms
147ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?&d5=cnvyl.katerionews.com&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d2=1683804612&e=0&cb=1683804612357
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK xa2et.js Show response
geo.dailymotion.com/libs/player/ 35 KB
14 KB 91ms
34ms Script
application/javascript 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/libs/player/xa2et.js

Requested by

Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

Software

DMS/1.0.42 /

Resource Hash

c1891b2a3eb649b18024f66df2d5b15244f8364671caab95d9f66535f8b19888

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Date: Thu, 11 May 2023 11:30:12 GMT
Server: DMS/1.0.42
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary: X-DM-SSL, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Server-Timing: total;dur=16, dc;desc="dc3"
Timing-Allow-Origin: *
Content-Length: 13083

GET
H2 200 hb_741094_17335.js Show response
player.aplhb.adipolo.com/prebidlink/467723/ 915 B
759 B 157ms
9ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/467723/hb_741094_17335.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/katerionews.comhead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 824b856ba4cfec276cdc77b2f33fb95a5fe9082b982b697f463f7b46ffbbbb23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2023 22:55:44 GMT
server: nginx
etag: W/"645acf70-393"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 11 May 2023 12:30:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 123ms
85ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/katerionews.comhead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba7029c40aeb87cea5f36c2019e64b7b220865254637e1757023b67e202480a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25300
x-xss-protection: 0
server: cafe
etag: 649 / 19488 / 31074489 / config-hash: 17381569355140242882
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 May 2023 11:30:12 GMT

GET
H2 200 wrapper_hb_741094_17335.js Show response
player.aplhb.adipolo.com/prebidlink/467723/ 2 KB
1 KB 157ms
10ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/467723/wrapper_hb_741094_17335.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/katerionews.comhead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6d5f9ebd2914b0131567c5cd6b16f2c7cf21694e8d9be800c8436b6bad12db53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2023 22:55:44 GMT
server: nginx
etag: W/"645acf70-6fa"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 11 May 2023 12:30:12 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 74 KB
25 KB 137ms
97ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/katerionews.comhead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ed6ab3b4db2ea59f277253cb99b6926ad92361c9c5390b30fd42db8cbc285c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25238
x-xss-protection: 0
server: cafe
etag: 326 / 19488 / 31074442 / config-hash: 17381569355140242882
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 May 2023 11:30:12 GMT

GET
H2 200 infos_corner_video.php Show response
tags-videos.smilewanted.com/ 3 KB
1 KB 58ms
49ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-videos.smilewanted.com/infos_corner_video.php?domaine=katerionews_com_27f21a7&device=desktop&url=https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&path=/hot-news/&consent_string=undefined&is_fb=false
Requested by: Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d40dc9de3ceab8a1189a764ade0d5c7ed232898f1e4f0b7a490836b78ccaac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c5a16aca859362b-FRA
content-type: application/javascript

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ 402 KB
124 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12380
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127184
x-xss-protection: 0
server: cafe
etag: 3263738860219486170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 10 May 2024 08:03:52 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
559 B 83ms
52ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cnvyl.katerionews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

627bac7ce5766e92d2ddda22a0c874a30e08e6b87a93c38f10f35fab54e3aa37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
expires: Thu, 11 May 2023 11:30:12 GMT

GET
H2 200 script.js Show response
tags.smilewanted.com/formats/config_formats/corner-video-ima/katerionews_com_27f21a7/ 68 KB
11 KB 26ms
26ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.smilewanted.com/formats/config_formats/corner-video-ima/katerionews_com_27f21a7/script.js
Requested by: Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/corner-video/katerionews_com_27f21a7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 525fc0f0bbae2989ae5c6c462203965b22f0a6aab3805038c4050f6e0000201c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c5a16ad08cc362b-FRA
content-type: application/javascript; charset=utf-8

GET
H2 200 hbp_master_741094_17335.js Show response
player.aplhb.adipolo.com/prebidlink/467723/ 294 KB
93 KB 11ms
11ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hb_741094_17335.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 788e83f577fb6cab6cbea678a8fa56ec24dcf960108971fa2f6d7f61bcd414c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 11:11:26 GMT
server: nginx
etag: W/"643d295e-498f9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 11 May 2023 12:30:12 GMT

GET
H2 200 hbw_master_741094_17335.js Show response
player.aplhb.adipolo.com/prebidlink/x467723/ 93 KB
32 KB 25ms
24ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/x467723/hbw_master_741094_17335.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/wrapper_hb_741094_17335.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: aa9e9e00a0018666945c8cc3b65ccc9bbf747a0ba59a4f088119c1cb024ffe29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2023 22:55:44 GMT
server: nginx
etag: W/"645acf70-17458"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 11 May 2023 12:30:12 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cnvyl.katerionews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:29:28 GMT
x-content-type-options: nosniff
age: 410444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:29:28 GMT

GET
H2 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7F56 707 KB
226 KB 14ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 125ms
74ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 May 2023 11:30:12 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 59ms
23ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 230 KB
57 KB 46ms
8ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467723/hbw_master_741094_17335.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:00:57 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 21:23:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 1755
x-amz-server-side-encryption: AES256
etag: W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 7ZURqsiwm4K_aTwlZlcZ57RBuRceYkzFT2RzMZoRCdby1sMtH5gUuA==

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 144 B
421 B 185ms
20ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467723/hbw_master_741094_17335.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d781823c586af44179e59dfc7b4b3d0369ee70923e2314139bf7e85db9942bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 11:30:12 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://cnvyl.katerionews.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 144

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
440 B 184ms
19ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=741094&site_id=17335&full_page_url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&adid=j1si9b.qx&features=81952&vpbv=N143&tte=290&lifecycle_tte=806
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467723/hbw_master_741094_17335.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 11:30:12 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://cnvyl.katerionews.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 40ms
7ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: adaa3f751bf8e422847ee2cd8bc12ed791cae51f5957a05f419e317ab5652819

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 13 May 2023 11:30:12 GMT
date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2023 12:02:23 GMT
server: nginx
etag: W/"645a364f-2ab9"
content-type: application/json
access-control-allow-origin: https://cnvyl.katerionews.com
cache-control: max-age=172800
x-proxy-cache: HIT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
369 B 57ms
14ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://cnvyl.katerionews.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
408 B 93ms
24ms XHR
application/json 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.0
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 8b884d78d1f8f61a0395a75df33ec29e227fec7a9a2b9dd0f70c843abb9c3f63

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 May 2023 11:30:12 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://cnvyl.katerionews.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 adreq Show response
ads.servenobid.com/ 405 B
559 B 98ms
31ms XHR
application/json 99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=1696
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 80d3da84d93b3bca156a7a356f3a739edd4a6a15cdcfd60c8d058f4322d6e526

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://cnvyl.katerionews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
318 B 360ms
34ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=59060931729&lsavail=0

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cnvyl.katerionews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
319 B 344ms
18ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=34714578491&lsavail=0

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 May 2023 11:30:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cnvyl.katerionews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
279 B 50ms
15ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cnvyl.katerionews.com
date: Thu, 11 May 2023 11:30:12 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 9ms
9ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcnvyl.katerionews.com&pubid=00ed17ab-4189-4639-9d5e-15acd40affde
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:28:04 GMT
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 127
x-cache: Hit from cloudfront
access-control-allow-origin: https://cnvyl.katerionews.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: p1-7kB44gyFO1hLYPIl6d4XLokLOWplhle-z4nLv78KRWHOpMjnB_g==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 121ms
46ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&pr=https%3A%2F%2Fwaaw.ac%2F&pid=HCNaUmmuFcHEY&cb=0&ws=1600x1200&v=23.505.1627&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-8176806-4%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F21939239661%2C22893780809%2Fapl%2Faplmcm%2Frich%2Fadx22893379435%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!adipolo.com%2C22893780809%2C1%2C%2C%2C&pubid=00ed17ab-4189-4639-9d5e-15acd40affde&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: N21MQC6TY0JG01NQXJZZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cnvyl.katerionews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: iGFhJQMFl16Ml0lWe0j690raRRzxo2EgIzUyuot-aHoHm1bTvIwcpA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 23ms
7ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: a.HbuOpmjkJB1GB8lMAKg2zkvv8bzRE7
content-encoding: gzip
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
date: Thu, 11 May 2023 01:00:28 GMT
x-amz-cf-pop: FRA56-P3
age: 37785
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 22:07:52 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: vcdzA9wR5LCh35w0uc_eB_r_VzhPhsQHGB7oIHRHEOJtz2kE6KYfPA==

GET
H/1.1 200
OK 271231 Show response
search.spotxchange.com/vast/2.00/ Frame 7F56 67 B
1 KB 155ms
77ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/271231?VPAID=JS&content_page_url=https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&cb=1683804612715&VMaxd=120&custom_skin=1&player_width=640&player_height=480&custom[vd]=0&schain=1.0,1!smilewanted.com,4192,1,,purifydigital.com,purifydigital.com,
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 11:30:13 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.014219
X-SpotX-Timing-Transform: 0.000383
Content-Encoding: gzip
X-SpotX-Timing-SpotMarket: 0.055217
X-SpotX-Timing-Page-Require: 0.000292
X-fe: 083
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.003921
X-SpotX-Timing-Page-Cookie: 0.000027
Content-Length: 79
X-SpotX-Timing-Page: 0.060894
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000237
Last-Modified: Thu, 11 May 2023 11:30:13 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
X-SpotX-Timing-Page-Exception: 0.000001
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000007
X-SpotX-Timing-SpotMarket-Secondary: 0.040998
X-SpotX-Timing-Page-Mux: 0.000809
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7F56 0
225 B 794ms
271ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1sida&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 error.php
prebid.smilewanted.com/track/analytics/ 0
335 B 25ms
25ms Ping
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/track/analytics/error.php?id_site=22469&id_format=24&id_device=1&code_partner=smilewanted&error_json=%7B%22type%22%3A%22adLoadError%22%2C%22errorMessage%22%3A%22The%20VAST%20response%20document%20is%20empty.%22%2C%22errorCode%22%3A1009%7D&config_json=%7B%22site_id%22%3A22469%2C%22device_id%22%3A1%2C%22domaine%22%3A%22katerionews_com_27f21a7%22%2C%22format%22%3A%22corner-video%22%2C%22format_stats%22%3A%22corner_video%22%2C%22diff_jw%22%3Atrue%2C%22capping_type%22%3A%22jour%22%2C%22contenu%22%3Atrue%2C%22contenu_type%22%3A%22hosted_sw%22%2C%22close%22%3Atrue%2C%22close_type%22%3A%22percent%22%2C%22close_val%22%3A90%2C%22sound_hover%22%3Afalse%2C%22tags_vast%22%3A%5B%22https%3A%2F%2Fsearch.spotxchange.com%2Fvast%2F2.00%2F271231%3FVPAID%3DJS%26content_page_url%3Dhttps%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b%26cb%3D__timestamp__%26VMaxd%3D120%26custom_skin%3D1%26player_width%3D640%26player_height%3D480%26custom%5Bvd%5D%3D0%26schain%3D1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C%22%2C%22https%3A%2F%2Fvast.aniview.com%2Fapi%2Fadserver61%2Fvast%2F%3FAV_PUBLISHERID%3D5ef4bc022e79664d2b473869%26AV_CHANNELID%3D5fd512d6c22e4d461a608c85%26logo%3Dfalse%26vastretry%3D3%26AV_URL%3Dhttps%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b%26cb%3D__timestamp__%26AV_GDPR%3D1%26AV_CONSENT%3Dundefined%26AV_CUSTOM1%3D594147%26AV_CUSTOM2%3D1819404%26AV_CUSTOM3%3D0%26AV_CUSTOM4%3D0%26AV_CUSTOM5%3D0%26AV_CUSTOM6%3D0%26AV_CUSTOM7%3D271231%26AV_CUSTOM8%3D0%26AV_CUSTOM9%3Dinstream_sans_algo%26AV_CUSTOM10%3D1.0%252C1%2521smilewanted.com%252C4192%252C1%252C%252Cpurifydigital.com%252Cpurifydigital.com%252C%22%5D%2C%22dm_nb_video%22%3A1%2C%22nb_dm_videos%22%3A3%2C%22passback%22%3A%22%22%2C%22capping_num%22%3A0%2C%22dm_videos_ids%22%3A%5B%22x81iuq0%22%2C%22x7yinbp%22%2C%22x7xly5v%22%2C%22x84026m%22%2C%22x86t4da%22%2C%22x7y4j2k%22%2C%22x7wj119%22%2C%22x85sfe6%22%2C%22x80idv5%22%2C%22x7zjhqt%22%5D%2C%22timeout_jw%22%3A10%2C%22timeout_dm%22%3A3000%2C%22timeout_pb%22%3A12000%2C%22contenu_src%22%3A%22https%3A%2F%2Fstatic.smilewanted.com%2Fvideo%2F2019%2F06%2F06%2F5118.mp4%22%2C%22r%22%3Atrue%2C%22nb_i_d%22%3A2%2C%22nb_m_c%22%3A3%2C%22c_c%22%3Afalse%2C%22config_hb%22%3A%5B%5D%7D
Requested by: Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/config_formats/corner-video-ima/katerionews_com_27f21a7/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarynIu0owyqStKOrOU5

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cnvyl.katerionews.com, https://cnvyl.katerionews.com
access-control-allow-credentials: true, true
cf-ray: 7c5a16b00ca3362b-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 23ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
vast.aniview.com/api/adserver61/vast/ Frame 7F56 2 KB
2 KB 463ms
417ms XHR
text/xml 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5ef4bc022e79664d2b473869&AV_CHANNELID=5fd512d6c22e4d461a608c85&logo=false&vastretry=3&AV_URL=https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&cb=1683804613120&AV_GDPR=1&AV_CONSENT=undefined&AV_CUSTOM1=594147&AV_CUSTOM2=1819404&AV_CUSTOM3=0&AV_CUSTOM4=0&AV_CUSTOM5=0&AV_CUSTOM6=0&AV_CUSTOM7=271231&AV_CUSTOM8=0&AV_CUSTOM9=instream_sans_algo&AV_CUSTOM10=1.0%2C1%21smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: e4dcff6244860bbf72d265a9b2a347e2eda20dd2506988d99bf396b12cda7c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 11:30:13 GMT
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
X-Bamboo-C-SkSt: 1
Transfer-Encoding: chunked
X-Bamboo-WL-Track: track1.aniview.com
Connection: Keep-Alive
X-Bamboo-WL-Player: https://player.aniview.com
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
X-Bamboo-WL-Serve: gov.aniview.com
Access-Control-Max-Age: 1728000
Access-Control-Allow-Credentials: true
X-HW: 1683804613.dop211.fr8.t,1683804613.cds016.fr8.shn,1683804613.dop211.fr8.t,1683804613.cds325.fr8.sc,1683804613.cds325.fr8.p
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 68ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 630ms
629ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=556442471277437&correlator=971863790085597&eid=31072019%2C31072878%2C31074371%2C31074489%2C31068366&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=21939239661%3A22893780809%2Capl%2Caplmcm%2Crich%2Cadx22893379435&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C320x50%7C320x100&ifi=1&adks=778162663&didk=2675907386&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683804613263&lmt=1683804613&dlt=1683804612163&idt=577&adxs=589&adys=25&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&ref=https%3A%2F%2Fwaaw.ac%2F&frm=20&vis=1&psz=795x0&msz=795x0&fws=0&ohw=0&ga_vid=447977211.1683804613&ga_sid=1683804613&ga_hid=142297053&ga_fc=false&cbidsp=CuEDCAEyB3Y3LjM3LjASFAoGb25ldGFnUgZvbmV0YWcQUCACEhIKBXNvdnJuUgVzb3ZybhBfIAISEgoFc292cm5SBXNvdnJuEF8gAhISCgVzb3ZyblIFc292cm4QXyACEhIKBXNvdnJuUgVzb3ZybhBfIAISEgoFc292cm5SBXNvdnJuEF8gAhISCgVub2JpZFIFbm9iaWQQZCACEhUKBmNyaXRlb1IGY3JpdGVvEO0CIAISFQoGY3JpdGVvUgZjcml0ZW8Q7QIgAhIVCgZjcml0ZW9SBmNyaXRlbxDtAiACEhUKBmNyaXRlb1IGY3JpdGVvEO0CIAISFQoGY3JpdGVvUgZjcml0ZW8Q7QIgAhIVCgZjcml0ZW9SBmNyaXRlbxDtAiACEhUKBmNyaXRlb1IGY3JpdGVvEO0CIAISFQoGY3JpdGVvUgZjcml0ZW8Q7QIgAhI7ChVjcml0ZW9fbmF0aXZlX2FkaXBvbG9SBmNyaXRlb1IVY3JpdGVvX25hdGl2ZV9hZGlwb2xvENoCIAISDgoDYW14UgNhbXgQSSACEg4KA2FteFIDYW14EEkgAhgCIiRjZmEwYzFhOC0zMTA0LTQ3MTQtOWQ2Mi1hMWU2NWRkOTg0MTQqBAgDIABKAEDQDw..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

871f67281596dc5c83240bbb07dea07541d92591579dac13a7ef0eb2f7dbf3e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11137
x-xss-protection: 0
google-lineitem-id: 6288361622
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430878251
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cnvyl.katerionews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
faca0b3a17e4d33ffb325cd56d379a86.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D67 6 KB
3 KB 113ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://faca0b3a17e4d33ffb325cd56d379a86.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 11:30:13 GMT
expires: Fri, 10 May 2024 11:30:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 websocket_ip.min.js Show response
waaw.ac/js/ Frame 383F 5 KB
2 KB 15ms
15ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/js/websocket_ip.min.js
Requested by: Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
server: Google Frontend
etag: W/"63ca9ac4-121c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 netu.php Show response
testingmetriksbre.ru/ Frame 383F 1 KB
1 KB 214ms
60ms Script
application/javascript 2606:4700:3037::ac43:aa2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://testingmetriksbre.ru/netu.php
Requested by: Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: fd45bb46808611318ab74c39100ef0aa9aa78e5ad508e6219d0ec8d4d52f2a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FRxZtYc2LsPWN3k7vZzoCsmkJiuhxIJ1tukSQCv77s2UXM8RDZRkcvcc%2FCQlYEgtklGkqICjuNK6dyHr5PGoinODcPFTnt2iFfTclE0QwBGCKfZtPYj6%2FETl%2BKNFNfetYG1VFJeR7nQhmAVBJAys4SN%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7c5a16b26e091c8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 embed_player.3.css
waaw.ac/styles/global/ Frame 383F 6 KB
2 KB 18ms
15ms Stylesheet
text/css 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/styles/global/embed_player.3.css?130
Requested by: Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
server: Google Frontend
etag: W/"5fd14cc5-1701"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 modernizr.js Show response
waaw.ac/js/video.jquery_plugs/ Frame 383F 1 KB
980 B 16ms
16ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/js/video.jquery_plugs/modernizr.js?12
Requested by: Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
server: Google Frontend
etag: W/"5b142327-4cb"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 progressbar.min.js Show response
unpkg.com/progressbar.js@1.1.0/dist/ Frame 383F 29 KB
9 KB 32ms
17ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js

Requested by

Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9164867
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FT89TSF7EAAEFHYPFEQPCGQT
server: cloudflare
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c5a16b289bb926e-FRA

GET
H2 200 jquery.min.js Show response
unpkg.com/jquery@2.2.4/dist/ Frame 383F 84 KB
30 KB 17ms
17ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/jquery@2.2.4/dist/jquery.min.js

Requested by

Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9164868
last-modified: Fri, 20 May 2016 17:24:42 GMT
fly-request-id: 01FT89TTNC8AKX2H6P9GK9WKC5
server: cloudflare
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c5a16b2a9d9926e-FRA

GET
H2 200 jquery.cookie.js Show response
unpkg.com/jquery.cookie@1.4.1/ Frame 383F 3 KB
1 KB 17ms
17ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js

Requested by

Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9164866
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
fly-request-id: 01FT89TVE6JMN2352Z8BTPFPHD
server: cloudflare
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c5a16b2d9fc926e-FRA

GET
H2 200 style.css
serv-selectmedia.com/cdn/player/ 1 KB
1 KB 112ms
15ms Stylesheet
text/css 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/style.css
Requested by: Host: player.adipolosolutions.com
URL: https://player.adipolosolutions.com/cdn/tags/tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 06:28:22 GMT
content-encoding: gzip
age: 18111
x-guploader-uploadid: ADPycducTk7n5VbTiVzxAwZgv-UyAdF3QVfiGU1x_KcgWaI3GxFgpJNgm-n2YpMkCIhL03FvgVGiYmDN5RExfy9VWD4M3JJrmhfL
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 571
last-modified: Mon, 15 Aug 2022 09:39:19 GMT
server: UploadServer
etag: "3a8d6c993f0a7e34ae07f8e86c31e632"
vary: Accept-Encoding
x-goog-generation: 1660556359399621
x-goog-hash: crc32c=GiK3YQ==, md5=Oo1smT8KfjSuB/jobDHmMg==
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 571
accept-ranges: bytes
content-type: text/css

GET
H2 200 selectmedia-player.umd.js Show response
serv-selectmedia.com/cdn/player/test/ 139 KB
42 KB 117ms
18ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Requested by: Host: player.adipolosolutions.com
URL: https://player.adipolosolutions.com/cdn/tags/tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 561eaf86d680d058d5d1b8795657d3ccd44b8dfeadc3bd29f5dcec6f91b597ad

Request headers

Referer: https://cnvyl.katerionews.com/
Origin: https://cnvyl.katerionews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 06:39:24 GMT
content-encoding: gzip
age: 17449
x-guploader-uploadid: ADPycdssOnb4frRS-VOZ9oaq1HrL6OnfZDxak5A-1PsFNaBwrbWYKseoG5B6bVPp0SpXcumFaChY7NiTPj3NqH0JKiBm
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42611
last-modified: Thu, 11 May 2023 06:36:19 GMT
server: UploadServer
etag: "ef969421f87dfb59dd22593194907b98"
vary: Accept-Encoding
x-goog-generation: 1683786979786819
x-goog-hash: crc32c=LNWeOw==, md5=75aUIfh9+1ndIlkxlJB7mA==
access-control-allow-origin: *
access-control-expose-headers: Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 42611
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 d_check.js Show response
waaw.ac/js/ Frame 383F 3 KB
1 KB 16ms
16ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/js/d_check.js?34
Requested by: Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
server: Google Frontend
etag: W/"5e57d8f1-d8a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

POST
H2 204 csi
csi.gstatic.com/ Frame 7F56 0
54 B 288ms
271ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1sikd&c=4990421423842&slotId=2495210711921&ghmsh_eids=44752996%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 js.load.1.js
commentsmodule.com/js/ Frame 383F 5 KB
0 50ms
21ms Fetch
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://commentsmodule.com/js/js.load.1.js?6867282586186083

Requested by

Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: br
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gfi0axKCGryrh8vcmV0A8GzSFtVXtyyYUIrN7gG5lo2U3Xelxa0tlg99MaCj4NqHaRFQq%2B2W%2FnU2o6nIq1nbk8fTJEKJIigRyKiRncKI63bocUS8TRY55NemUKI5duPuW1%2FP%2Fr2sprEeeW2FlU9Zq5M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7c5a16b35fa592a5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 embed.211.js Show response
waaw.ac/js/ Frame 383F 167 KB
46 KB 15ms
15ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/js/embed.211.js?736
Requested by: Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1d85956e60f098d0e36bd9c3e3457ea595d083561c95edf8ddffb37a577dcb55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Sat, 29 Apr 2023 15:48:32 GMT
server: Google Frontend
etag: W/"644d3c50-29c06"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 loader21.html Show response
tpc.googlesyndication.com/pagead/js/ Frame 7776 52 KB
18 KB 59ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/loader21.html?https://player.aniview.com/script/6.1/AVmanager.js%3fAV_PUBLISHERID=5ef4bc022e79664d2b473869

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18928
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 18189
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 06:14:45 GMT
etag: 7287664291636797308
expires: Fri, 12 May 2023 06:14:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET embed_player.php
waaw.ac/player/ Frame 383F 0
0

GET
H2 200 embed_player.php Show response
waaw.ac/player/ Frame 383F 50 KB
17 KB 653ms
653ms Document
text/html 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://waaw.ac/player/embed_player.php?vpn=1&vid=1

Requested by

Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

Google Frontend /

Resource Hash

30d8cb8b7ea510fcb583dc8b888a3a377e42697d9b14f2a08542f5092f93507d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 11 May 2023 11:30:14 GMT
link: <//waaw.ac>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
pragma: no-cache
server: Google Frontend
vary: Accept-Encoding
x-cache-status-inferno: MISS
x-content-type-options: nosniff
x-inferno-limit-req: DELAYED
x-inferno-location: player
x-origin-location: player
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection: 1; mode=block;

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 7776 463 KB
124 KB 84ms
25ms Script
application/javascript 2a02:26f0:11a:398::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://player.aniview.com/script/6.1/AVmanager.js%3fAV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:11a:398::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 74da632dd890df8c8938b55b66e7c1288cf879a08f06a01a193097d8a7715748

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdupl_PVhbkMJbEEcnZz9xUi8DT7eDfVeE6Ov51opoFHQobK6_hwC0znpBgy8eyQKflUZnpgLiYB_Gy90X8qoXpIlSHIlpXC
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 126544
last-modified: Sun, 07 May 2023 10:45:54 GMT
server: UploadServer
etag: "4df34a444db15e0baa48dd3d9a251c16"
vary: Accept-Encoding
x-goog-generation: 1683456354725412
x-goog-hash: crc32c=4AZwyw==, md5=TfNKRE2xXguqSN09miUcFg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 126544
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 May 2023 11:40:13 GMT

GET
H2 200 2539698496735950919
tpc.googlesyndication.com/simgad/ 23 KB
24 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2539698496735950919

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 07:31:16 GMT
x-content-type-options: nosniff
age: 532737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23825
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 11:07:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 May 2024 07:31:16 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 360 KB
120 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122883
x-xss-protection: 0
expires: Thu, 11 May 2023 11:30:13 GMT

GET
H2 204 /
track-selectmedia.com/trackv4/ 0
45 B 148ms
147ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=e1da33b2-5df6-46fc-a1b0-e9494976c808&d2=1683804613&d5=katerionews.com&d28=1325&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=-1&cb=1683804613767-aa737f75-4ed5-4f06-883e-e3e2f11bc32b&e=47
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
gov.aniview.com/api/adserver/tag/ Frame 7776 7 KB
3 KB 382ms
138ms XHR
application/json 52.207.162.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa&AV_GDPR=1&AV_CONSENT=undefined&AV_CUSTOM1=594147&AV_CUSTOM2=1819404&AV_CUSTOM3=0&AV_CUSTOM4=0&AV_CUSTOM5=0&AV_CUSTOM6=0&AV_CUSTOM7=271231&AV_CUSTOM8=0&AV_CUSTOM9=instream_sans_algo&AV_CUSTOM10=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5ef4bc022e79664d2b473869&AV_CHANNELID=5fd512d6c22e4d461a608c85&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&pce=1&npx=1&AV_DETDOMAIN=cnvyl.katerionews.com&d36=6.2.97&responsive=1&sver=4&avtoken=613889&omv=1.0.1&clsid=86d4dd28-3873-4999-98b6-445861d39d63&rando=43&AV_WIDTH=480&AV_HEIGHT=270&AV_DNT=0&cb=1683804613891&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.162.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-162-143.compute-1.amazonaws.com
Software: /
Resource Hash: 977780c5686d902397797b6671833ef4e36c862c0122a12934ffc0b2a95da80a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:14 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://tpc.googlesyndication.com
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Sat, 29 Apr 2023 21:43:34 GMT

GET
H2 200 track
track1.aniview.com/ Frame 7776 0
98 B 367ms
111ms Image
text/plain 23.21.77.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=cnvyl.katerionews.com&sn=&ic=0&tgt=1&app=&wi=480&he=270&test=&d36=6.2.97&apppkg=&proto=https&clsid=86d4dd28-3873-4999-98b6-445861d39d63&rando=43&pid=5ef4bc022e79664d2b473869&cid=5fd512d6c22e4d461a608c85&stagid=&stplid=&e=inventory&vi=0&cb=1683804613890
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.77.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-77-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 resolve Show response
dns.google/ Frame 383F 327 B
522 B 61ms
23ms Fetch
application/json 2001:4860:4860::8844
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dns.google/resolve?name=136.209.162.178.in-addr.arpa&type=PTR&cd=true

Requested by

Host: waaw.ac
URL: https://waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09?http_referer=https%3A%2F%2Fwaaw.ac%2Ff%2F1eZisRF9BgAt&embed_from=embed_from

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4860::8844 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

de1a6fc6164b846d3cfec4880235ebb2e3e99ded12502f21ab381addde79268d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 May 2023 11:30:13 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 227
x-xss-protection: 0
expires: Thu, 11 May 2023 11:30:13 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 60CA 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOmltNguvd1MtrKQVdQgd3NZZ8hJM6CYTdYgF1Th7-7QU8QwkSLLDKVL1ppgb29lbXoYWf1abmSRUKiaa-QQ0aL7I7EoQCLKVv6fYThms9fMhRJ6G1gBo2QitOtot2SQCGHGdMjV1l7VqajVixjTlADjOK9zTUmivObbrSAUWuOz70EGkex7QduoQJEADUw_8-BK1c4q-Fc7igglNB1DFvA6DLMeLEExBJxx5G9TGqtVZwZYqgzRduI9VVqnscyev1o-rd99lQeRrKfGXjTVZeBu9ijpusSEVj4rMEts64tUr5jCr21BfWh8pg6IWYxqm7UQvldFtrPUymf50qwguf2dQ08Hnx-dkgTFi-dg&sai=AMfl-YReEF0Gg09r07UIYPVNEF-BqIkgQVFiUn6Lmbpps3RwjqfJLrGH6TJtfowRzL-XOKqu9J0SaDiJPoc9yMRlB_AD4lx7uqGTG8p4fhOYk7OWuR5ssS3qF-vM1r-NM6g&sig=Cg0ArKJSzOvxo4c07Ye3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: waaw.ac
URL: https://waaw.ac/f/1eZisRF9BgAt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 60CA 91 KB
32 KB 119ms
85ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbb74a0080267e21711e7f78366cf33887926adc6798a639c5b443b0b690fec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32497
x-xss-protection: 0
server: cafe
etag: 10999370088864326165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 May 2023 11:30:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60CA 169 KB
53 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 11:30:13 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/ Frame 60CA 356 KB
120 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3592985597631507&plah=cnvyl.katerionews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70576ee1c196cc54d5b4e86c3103249821fb3623f94fd4d44b8e961422a8f029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122740
x-xss-protection: 0
server: cafe
etag: 5936508987333939754
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 May 2023 11:30:14 GMT

GET
DATA 200
OK truncated
/ Frame 60CA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b6d24a9ed5c0f25191b7a4baec98958d547f458c950360abfdacbfabadc0c88

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30_v2/ 434 KB
138 KB 18ms
18ms Fetch
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30_v2/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7b6f1dccfc0e8dda865993cb2078daea1d74b19c7d74b06155fc43a6481b1dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 06:28:22 GMT
content-encoding: gzip
age: 18112
x-guploader-uploadid: ADPycdspMzPkGbBQKYwzCPRmFTyB_p9Re5hIdGpRdhb0bAl97f_k2-mPRWlUWmQrvbLOsjYcA1YwmVxreQJpD4LV6HfSj8_UrJkh
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141028
last-modified: Mon, 17 Apr 2023 13:18:18 GMT
server: UploadServer
etag: "5750ca4d2dd5455120ea44ea3f8ec887"
vary: Accept-Encoding
x-goog-generation: 1681737498441683
x-goog-hash: crc32c=Fc2c2w==, md5=V1DKTS3VRVEg6kTqP47Ihw==
access-control-allow-origin: *
access-control-expose-headers: Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 141028
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 06D3 707 KB
226 KB 14ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame CD70 230 KB
57 KB 11ms
11ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:00:57 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 21:23:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 1757
x-amz-server-side-encryption: AES256
etag: W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: tQzI-BG1cegQMhW9KnkBKbeVUwbmTXHQN23J28luK1fa3jN3bkVN-A==

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FE98 707 KB
226 KB 19ms
18ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 selectAmazon.js Show response
serv-selectmedia.com/cdn/player/amz/ Frame F444 177 KB
44 KB 20ms
19ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 06:28:23 GMT
content-encoding: gzip
age: 18111
x-guploader-uploadid: ADPycdtSbzelJZRw4gAsEKngslbEw1W7TVHIzymPkPr9nDJTyClXj360claPVSUGt6pUma-HAVeU2tFB4CbcjJUhMTZZFnSZoQ7q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44378
last-modified: Wed, 02 Nov 2022 06:57:53 GMT
server: UploadServer
etag: "5903e8ba730613f669c63fe70c11da79"
vary: Accept-Encoding
x-goog-generation: 1667372273714744
x-goog-hash: crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 44378
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E936 707 KB
226 KB 20ms
19ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 selectAmazon.js Show response
serv-selectmedia.com/cdn/player/amz/ Frame A362 177 KB
43 KB 22ms
22ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 06:28:23 GMT
content-encoding: gzip
age: 18111
x-guploader-uploadid: ADPycdtSbzelJZRw4gAsEKngslbEw1W7TVHIzymPkPr9nDJTyClXj360claPVSUGt6pUma-HAVeU2tFB4CbcjJUhMTZZFnSZoQ7q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44378
last-modified: Wed, 02 Nov 2022 06:57:53 GMT
server: UploadServer
etag: "5903e8ba730613f669c63fe70c11da79"
vary: Accept-Encoding
x-goog-generation: 1667372273714744
x-goog-hash: crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 44378
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 16DC 707 KB
226 KB 18ms
17ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 selectAmazon.js Show response
serv-selectmedia.com/cdn/player/amz/ Frame 5289 177 KB
43 KB 19ms
15ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 06:28:23 GMT
content-encoding: gzip
age: 18111
x-guploader-uploadid: ADPycdtSbzelJZRw4gAsEKngslbEw1W7TVHIzymPkPr9nDJTyClXj360claPVSUGt6pUma-HAVeU2tFB4CbcjJUhMTZZFnSZoQ7q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44378
last-modified: Wed, 02 Nov 2022 06:57:53 GMT
server: UploadServer
etag: "5903e8ba730613f669c63fe70c11da79"
vary: Accept-Encoding
x-goog-generation: 1667372273714744
x-goog-hash: crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 44378
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DB49 707 KB
226 KB 21ms
20ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1648 707 KB
226 KB 49ms
48ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1F9B 707 KB
226 KB 31ms
31ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1B88 707 KB
226 KB 36ms
31ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3010 707 KB
226 KB 25ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2C97 707 KB
226 KB 13ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E488 707 KB
226 KB 17ms
14ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1E49 707 KB
226 KB 13ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6ABC 707 KB
226 KB 15ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B447 707 KB
226 KB 14ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E576 707 KB
226 KB 13ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F615 707 KB
226 KB 13ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B076 707 KB
226 KB 14ms
12ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B163 707 KB
226 KB 14ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 492D 707 KB
226 KB 15ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 321C 707 KB
226 KB 17ms
16ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
serv-selectmedia.com/serving_v3/ 63 KB
6 KB 156ms
156ms Fetch
application/json 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/serving_v3/?channelid=e1da33b2-5df6-46fc-a1b0-e9494976c808&height=338&publisherid=413cb585-3a5f-47af-b38f-bfa872f9a666&tagid=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&templateid=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&width=600&domain=cnvyl.katerionews.com&hostname=katerionews.com&url=katerionews.com&cb=1683804614570-3a948589-15cb-406e-84db-3953352b97e7&is_desktop=1
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 6f4d3c9996b1094a83c7defa6307d608ab2a76d830fb88eae093a7a9593e0ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:14 GMT
content-encoding: gzip
via: 1.1 google
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-accel-expires: 0
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
232 B 22ms
20ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467723/hbw_master_741094_17335.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cnvyl.katerionews.com
Date: Thu, 11 May 2023 11:30:14 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 1989 0
0 92ms
12ms Document
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=undefined

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Thu, 11 May 2023 11:30:14 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.57
strict-transport-security: max-age=31536000

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 14DF 43 B
304 B 78ms
25ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=undefined&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D23%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 56
content-type: text/html
date: Thu, 11 May 2023 11:30:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 9B52
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D10%2...
https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=10&pid=59c9148628a0612da3689288&key=MsrZK4wmEfES&ev=1&us_privacy=1---&pid=562704

0
207 B

97ms
97ms

Document
text/plain

52.2.228.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=10&pid=59c9148628a0612da3689288&key=MsrZK4wmEfES&ev=1&us_privacy=1---&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.228.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-228-97.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 11 May 2023 11:30:14 GMT

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: de-DE
cw-server: bh-deployment-stage-0
expires: -1
location: https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=10&pid=59c9148628a0612da3689288&key=MsrZK4wmEfES&ev=1&us_privacy=1---&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(10.0.14)
strict-transport-security: max-age=15768000

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 898C
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=undefined
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=692e3d37c25f57d0a8a3db45d3b95&_fw_gdpr=1&_fw_gdpr_consent=undefined

0
228 B

237ms
98ms

Document
text/plain

52.2.228.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=692e3d37c25f57d0a8a3db45d3b95&_fw_gdpr=1&_fw_gdpr_consent=undefined
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.228.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-228-97.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 11 May 2023 11:30:14 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 11 May 2023 11:30:14 GMT
Expires: Thu, 11 May 2023 11:30:14 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=692e3d37c25f57d0a8a3db45d3b95&_fw_gdpr=1&_fw_gdpr_consent=undefined
Pragma: no-cache
Server: nginx
x-sticky-vk: 1683804614724022-338

GET
H/1.1 200
OK auto-user-sync Show response
ads.stickyadstv.com/ Frame 5B0D 43 B
621 B 134ms
17ms Document
image/gif 2.16.202.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=undefined
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 11 May 2023 11:30:14 GMT
Expires: Thu, 11 May 2023 11:30:14 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1683804614720023-427

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame A5C1
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=undefined&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003...
https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=200&key=OPTOUT

0
199 B

315ms
97ms

Document
text/plain

52.2.228.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=200&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.228.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-228-97.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 11 May 2023 11:30:14 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Thu, 11 May 2023 11:30:14 GMT
etag: OPTOUT
expires: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=200&key=OPTOUT
pragma: no-cache

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 3F13 0
0 22ms
22ms Document
text/plain 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=undefined&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D18%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Thu, 11 May 2023 11:30:14 GMT
X-Sovrn-Pod: ad_ap2ams1

GET
H2 204 /
onetag-sys.com/usync/ Frame 0876 0
0 15ms
15ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=undefined&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 03B6 16 KB
6 KB 37ms
8ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=undefined&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=45799
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 11 May 2023 11:30:14 GMT
expires: Fri, 12 May 2023 00:13:33 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 0717 49 KB
18 KB 135ms
38ms Document
text/html 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=undefined&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Thu, 11 May 2023 11:30:14 GMT
etag: W/"64243ed7-c28e"
last-modified: Wed, 29 Mar 2023 13:36:23 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: AZySIYjT3DKh
x-77-nzt-ray: f6587a1d6612d338c6d15c643c98ac2a
x-77-pop: frankfurtDE
x-cache: MISS

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame F7D6
Redirect Chain

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=undefined&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D...
https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=56&pid=59c9148628a0612da3689288&key=91d46104-5636-45c5-8ab8-aa3bcdfcb072&gdpr_consent=undefi...

0
240 B

285ms
97ms

Document
text/plain

52.2.228.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=56&pid=59c9148628a0612da3689288&key=91d46104-5636-45c5-8ab8-aa3bcdfcb072&gdpr_consent=undefined&gdpr=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.228.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-228-97.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 11 May 2023 11:30:14 GMT

Redirect headers

content-length: 0
date: Thu, 11 May 2023 11:30:14 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1683804614185-951996230838-001201-002-003896&biddername=56&pid=59c9148628a0612da3689288&key=91d46104-5636-45c5-8ab8-aa3bcdfcb072&gdpr_consent=undefined&gdpr=1
server: _

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame 7776 85 B
1 KB 40ms
9ms Fetch
application/xml 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=20752114&cb=3804614617&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&vplaybackmethod=0&referrer=cnvyl.katerionews.com&kw_channel=instream_sans_algo

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:14 GMT
AN-X-Request-Uuid: 21be1742-4b38-46d7-bcf8-cdb123b87742
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/xml; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tpc.googlesyndication.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame 7776 85 B
1 KB 37ms
7ms Fetch
application/xml 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=20889945&cb=3804614620&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&vplaybackmethod=0&referrer=cnvyl.katerionews.com&kw_channel=instream_sans_algo

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:14 GMT
AN-X-Request-Uuid: 24b5e517-3734-45c0-9a2c-7b20d147b4fb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/xml; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tpc.googlesyndication.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 7776 43 B
146 B 38ms
8ms Image
image/gif 52.58.79.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1683804614185-951996230838-001201-002-003896&gdpr=1&gdpr_consent=undefined&us_privacy=1---
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.79.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-79-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ Frame 7776 43 B
145 B 39ms
9ms Image
image/gif 52.58.79.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=undefined&us_privacy=1---
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.79.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-79-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 track
track1.aniview.com/ Frame 7776 0
97 B 111ms
111ms Image
text/plain 23.21.77.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=cnvyl.katerionews.com&rs=cnvyl.katerionews.com&sid=88613&t=1683804614&cip=178.162.209.136&sn=&tgt=1&osv=10&bv=113.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5ef4bc022e79664d2b473869&test=&d64=d62636dc20c2f3ae7365d93f8f76d8f0&d63=d62636dc20c2f3ae7365d93f8f76d8f0&aafaid=&proto=https&uid=1683804614185-951996230838-001201-002-003896&cha=0.7&stagid=&stplid=&d35=&d36=6.2.97&cb=18724448505&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&nid=5ef4bc022e79664d2b473869&ncid=5fd512d6c22e4d461a608c85&e=request&cb=1683804614622&asid=5fd51ab848217056e368a756%2C600063541f5b0f2fbc637ad9&ofpr=%2C&fpo=%2C&ri=1%2C1
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.77.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-77-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 websocket_ip.min.js Show response
waaw.ac/js/ Frame 383F 5 KB
2 KB 15ms
15ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/js/websocket_ip.min.js
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:15 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
server: Google Frontend
etag: W/"63ca9ac4-121c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 60CA 219 B
554 B 56ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cnvyl.katerionews.com&callback=_gfp_s_&client=ca-pub-3592985597631507&cookie=ID%3Db679b9b9d5fda808%3AT%3D1683804613%3AS%3DALNI_MZeYjxUh9DdCdGSGhdSLjb-mdcs-Q&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3592985597631507&plah=cnvyl.katerionews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

069c96687f482674c845a94016b5bbbe4110a148c1be67caf7d7c379d4bece33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 60CA 107 B
165 B 22ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 60CA 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC68 61 KB
20 KB 726ms
690ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3592985597631507&output=html&h=250&slotname=300x250&adk=1453749305&adf=272530284&pi=t.ma~as.300x250&w=300&lmt=1683804615&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683804614077&bpp=106&bdt=146&idt=1253&shv=r20230509&mjsv=m202305080101&ptt=5&saldr=sa&cookie=ID%3Db679b9b9d5fda808%3AT%3D1683804613%3AS%3DALNI_MZeYjxUh9DdCdGSGhdSLjb-mdcs-Q&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&correlator=4990421423842&frm=23&ife=4&pv=2&ga_vid=8385485.1683804615&ga_sid=1683804615&ga_hid=2041429385&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=393&biw=1600&bih=1200&isw=300&ish=250&ifk=2523646545&scr_x=0&scr_y=0&eid=44759927%2C44773809%2C44759842%2C44759876%2C31074431%2C42531706%2C44788442%2C44789923&oid=2&pvsid=2436963586929940&uas=0&nvt=1&ref=https%3A%2F%2Fwaaw.ac%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.89jh8p6xvey1&fsb=1&dtd=1272

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40c5d4f4a96387ad3bfe00d86ac8f8678e84a160eebb031f62408e0e08e97ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 20436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 11:30:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 61ms
28ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 May 2023 11:30:15 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame CD70 6 KB
3 KB 8ms
7ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: a.HbuOpmjkJB1GB8lMAKg2zkvv8bzRE7
content-encoding: gzip
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
date: Thu, 11 May 2023 01:00:28 GMT
x-amz-cf-pop: FRA56-P3
age: 37788
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 22:07:52 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: PLFqn6WYfV6E4fWKbcj5r8n7Rn-O-g4EOFytJH2ZkEK4Ro-9TkNKUA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame F444 6 KB
3 KB 8ms
7ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: a.HbuOpmjkJB1GB8lMAKg2zkvv8bzRE7
content-encoding: gzip
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
date: Thu, 11 May 2023 01:00:28 GMT
x-amz-cf-pop: FRA56-P3
age: 37789
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 22:07:52 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: uMrioE389hf0EMlFq-m2THistYIu2zfJLnBN8hZRBnisY4_-jp8bxQ==

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 03B6 0
42 B 175ms
18ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80938942&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=undefined&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=undefined&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1683804614185-951996230838-001201-002-003896%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:15 GMT
content-length: 0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A362 6 KB
3 KB 8ms
7ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: a.HbuOpmjkJB1GB8lMAKg2zkvv8bzRE7
content-encoding: gzip
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
date: Thu, 11 May 2023 01:00:28 GMT
x-amz-cf-pop: FRA56-P3
age: 37789
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 22:07:52 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: O0FHsqz3xDmLo6t_CIeTGPBAXNUCnjIxSD-XWD1xHLocgYaEILC1Wg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5289 6 KB
3 KB 11ms
10ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: a.HbuOpmjkJB1GB8lMAKg2zkvv8bzRE7
content-encoding: gzip
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
date: Thu, 11 May 2023 01:00:28 GMT
x-amz-cf-pop: FRA56-P3
age: 37789
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 22:07:52 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: fknRKzaPGq88kpk5teMJgYyr9EnvmEKpqIQ85aQNvXG33EmqWsJaiA==

GET
H2 200 pes.playerInterface.57ed8da7.js Show response
static1.dmcdn.net/playerv5/ 5 KB
2 KB 112ms
16ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/pes.playerInterface.57ed8da7.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xa2et.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 36f94bb3b6ec671c552607da23527c6a08e2453f00e7b6c2941fd6b278ddd00b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
content-encoding: gzip
age: 83911
server-timing: total;dur=0, dc;desc="dc3"
content-length: 1726
last-modified: Wed, 10 May 2023 12:08:52 GMT
server: DMS/1.0.42
etag: "645b8954-1315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 6ee43263d73260cfa23674633f57a5ab
expires: Fri, 09 Jun 2023 12:11:45 GMT

GET
H/1.1 200
OK cookie.js Show response
geo.dailymotion.com/ 38 B
976 B 25ms
25ms Script
application/javascript 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/cookie.js

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xa2et.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

DMS/1.0.42 /

Resource Hash

407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Date: Thu, 11 May 2023 11:30:16 GMT
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Server: DMS/1.0.42
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary: X-DM-SSL
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Server-Timing: total;dur=9, dc;desc="dc3"
Timing-Allow-Origin: *
Content-Length: 38

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 147ms
147ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=HU&d12=Chrome&d14=338X600&d19=10&d2=1683804300&d20=112.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=cnvyl.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1325&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=1&cb=1683804616471-5500c649-ae16-4b9a-a498-74f98fb6dde7&e=1
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 148ms
148ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=HU&d12=Chrome&d14=338X600&d19=10&d2=1683804300&d20=112.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=cnvyl.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1325&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&cb=1683804616471-26058ea8-ba05-46f5-8820-58969acfca40&e=36
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame EC68 8 KB
745 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3592985597631507&output=html&h=250&slotname=300x250&adk=1453749305&adf=272530284&pi=t.ma~as.300x250&w=300&lmt=1683804615&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683804614077&bpp=106&bdt=146&idt=1253&shv=r20230509&mjsv=m202305080101&ptt=5&saldr=sa&cookie=ID%3Db679b9b9d5fda808%3AT%3D1683804613%3AS%3DALNI_MZeYjxUh9DdCdGSGhdSLjb-mdcs-Q&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&correlator=4990421423842&frm=23&ife=4&pv=2&ga_vid=8385485.1683804615&ga_sid=1683804615&ga_hid=2041429385&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=393&biw=1600&bih=1200&isw=300&ish=250&ifk=2523646545&scr_x=0&scr_y=0&eid=44759927%2C44773809%2C44759842%2C44759876%2C31074431%2C42531706%2C44788442%2C44789923&oid=2&pvsid=2436963586929940&uas=0&nvt=1&ref=https%3A%2F%2Fwaaw.ac%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.89jh8p6xvey1&fsb=1&dtd=1272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 May 2023 11:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 May 2023 10:34:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 May 2023 11:30:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame EC68 2 KB
765 B 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 13:46:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/ Frame EC68 22 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 13:45:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame EC68 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 13:43:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame EC68 19 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 13:45:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EC68 0
0 82ms
24ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSJNK7huuupDfg39t22z9w67kclxwu_P1kful2w_ynP2Y-f3riXK8OWwiZTTwLCiXTCeRLyZCRXEBoFNKGOnpYI_KCXA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3592985597631507&output=html&h=250&slotname=300x250&adk=1453749305&adf=272530284&pi=t.ma~as.300x250&w=300&lmt=1683804615&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683804614077&bpp=106&bdt=146&idt=1253&shv=r20230509&mjsv=m202305080101&ptt=5&saldr=sa&cookie=ID%3Db679b9b9d5fda808%3AT%3D1683804613%3AS%3DALNI_MZeYjxUh9DdCdGSGhdSLjb-mdcs-Q&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&correlator=4990421423842&frm=23&ife=4&pv=2&ga_vid=8385485.1683804615&ga_sid=1683804615&ga_hid=2041429385&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=393&biw=1600&bih=1200&isw=300&ish=250&ifk=2523646545&scr_x=0&scr_y=0&eid=44759927%2C44773809%2C44759842%2C44759876%2C31074431%2C42531706%2C44788442%2C44789923&oid=2&pvsid=2436963586929940&uas=0&nvt=1&ref=https%3A%2F%2Fwaaw.ac%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.89jh8p6xvey1&fsb=1&dtd=1272
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC68 169 KB
52 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 11:30:16 GMT

GET
H2 200 fe5bb951bcb64b0813d5b031a6a87c6d.js Show response
www.gstatic.com/mysidia/ Frame EC68 32 KB
14 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe5bb951bcb64b0813d5b031a6a87c6d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 16:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13644
x-xss-protection: 0
last-modified: Mon, 08 May 2023 06:22:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 16:08:25 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 46ms
14ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcnvyl.katerionews.com%2F&domain=cnvyl.katerionews.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cnvyl.katerionews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://cnvyl.katerionews.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 11 May 2023 11:30:15 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 258615
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
380 B 41ms
14ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcnvyl.katerionews.com%2F&domain=cnvyl.katerionews.com&cw=1&lsw=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cnvyl.katerionews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 235110
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
550 B 61ms
17ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cnvyl.katerionews.com
date: Thu, 11 May 2023 11:30:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 204 /
onetag-sys.com/usync/ Frame 7E87 0
0 15ms
14ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1683804612952

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame FA91 9 KB
4 KB 35ms
7ms Document
text/html 13.32.121.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62156
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 10 May 2023 18:14:21 GMT
etag: W/"fd0102e5847015626666169917857ba8"
last-modified: Wed, 12 Apr 2023 16:16:50 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
x-amz-cf-id: 7FvLhxi3CIB5j6-3pXXW0Ppgm4T9WUBBcVzU8QltS4wwT0ofe1jqEQ==
x-amz-cf-pop: FRA60-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5: 9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256: 8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 jquery.min.js Show response
unpkg.com/jquery@2.2.4/dist/ Frame 383F 84 KB
30 KB 18ms
18ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/jquery@2.2.4/dist/jquery.min.js

Requested by

Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9164871
last-modified: Fri, 20 May 2016 17:24:42 GMT
fly-request-id: 01FT89TTNC8AKX2H6P9GK9WKC5
server: cloudflare
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c5a16c6aa77926e-FRA

GET
DATA 200
OK truncated
/ Frame EC68 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
408 B 55ms
16ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

617e319312a0ef06f4bdaa089dfec33f5ed372697f6c4c7b34742b5b70977c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cnvyl.katerionews.com
date: Thu, 11 May 2023 11:30:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 160ms
159ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1325&uuid=2e2bc7e8-8be3-40aa-a10e-f57ce63e0793
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://cnvyl.katerionews.com
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 178ms
147ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1325&uuid=2e2bc7e8-8be3-40aa-a10e-f57ce63e0793
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cnvyl.katerionews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cnvyl.katerionews.com
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Thu, 11 May 2023 11:30:16 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 53ms
26ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 May 2023 11:30:16 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 6CF0 4 KB
2 KB 110ms
33ms Document
text/html 54.170.204.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.204.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-204-14.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5d24eed8a897868cf5d14efa1afa4c8208044fcc26b93620448194e2a9fd0b34

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 11 May 2023 11:30:16 GMT
etag: W/"0d6b2af6a308651008daec0e344bb330d"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 5F04 0
0 15ms
14ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 4831 943 B
1 KB 131ms
20ms Document
text/html 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 747114efb70eb48bc82e7bd94ff14c724718eaade17631590991167d0c342736

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 943
content-type: text/html
date: Thu, 11 May 2023 11:30:15 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame DBAF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
3 KB

9ms
9ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 4470a93774323d323bd97589288ea23d9c1888b86f7c8299b428a1d02ed03fab

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1937
Content-Type: text/html
Date: Thu, 11 May 2023 11:30:16 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 11 May 2023 11:30:16 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 3919
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
410 B

30ms
15ms

Document
text/html

23.2.229.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.229.193 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-229-193.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Thu, 11 May 2023 11:30:16 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 11 May 2023 11:30:16 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 017C 16 KB
6 KB 10ms
6ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=45797
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 11 May 2023 11:30:16 GMT
expires: Fri, 12 May 2023 00:13:33 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame 9974 0
486 B 164ms
99ms Document
text/html 2600:9000:223f:4e00:1f:4c18:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Thu, 11 May 2023 11:30:16 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-id: X4PhdVuaDXEYW9-46vqV-qAoKpHCUA_Q97ZfhRqD4NMn_popkwH1RA==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame C9A4 0
160 B 72ms
25ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Thu, 11 May 2023 11:30:16 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 7BB5 0
329 B 342ms
109ms Document
text/html 34.193.83.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.83.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-83-119.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Thu, 11 May 2023 11:30:17 GMT
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2

200

sync
ads.servenobid.com/ Frame FA91
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=4201403600601124566

0
344 B

36ms
34ms

Image
image/avif

99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=4201403600601124566
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Thu, 11 May 2023 11:30:16 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c4c24378-fbc8-43ed-9490-55b7976248f9
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ads.servenobid.com/sync?pid=312&uid=4201403600601124566
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame FA91
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=GoJyARZH6Xn4BzGtRpyo-naX

0
350 B

28ms
28ms

Image
image/avif

99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=GoJyARZH6Xn4BzGtRpyo-naX
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
server: envoy
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ads.servenobid.com/sync?pid=310&uid=GoJyARZH6Xn4BzGtRpyo-naX
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
x-envoy-upstream-service-time: 19
content-length: 0
expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame FA91 0
277 B 25ms
21ms Image
text/plain 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 May 2023 11:30:16 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame FA91
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1683804616906
https://ad.turn.com/r/cs?pid=45&rndcb=8155331897
https://sync.1rx.io/usersync/turn/7739819000531172984?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-feca3cfb-0f10-4144-b02e-938a1d1b0c94-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-feca3cfb-0f10-4144-b02e-938a1d1b0c94-003
https://ads.servenobid.com/sync?pid=321&uid=RX-feca3cfb-0f10-4144-b02e-938a1d1b0c94-003

0
361 B

29ms
28ms

Image
image/avif

99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-feca3cfb-0f10-4144-b02e-938a1d1b0c94-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-feca3cfb-0f10-4144-b02e-938a1d1b0c94-003
date: Thu, 11 May 2023 11:30:17 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXfeca3cfb0f104144b02e938a1d1b0c94003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame FA91
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5109685627561611451

0
344 B

32ms
30ms

Image
image/avif

99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5109685627561611451
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5109685627561611451
Date: Thu, 11 May 2023 11:30:16 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame FA91 0
500 B 414ms
105ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-191
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame FA91
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=1c17496e-d55e-45d8-8ec0-bbefa5fc7ad6&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
356 B

39ms
38ms

Image
image/avif

99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=1c17496e-d55e-45d8-8ec0-bbefa5fc7ad6&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=1c17496e-d55e-45d8-8ec0-bbefa5fc7ad6&gdpr=0&gdpr_consent=&us_privacy=1YN-
date: Thu, 11 May 2023 11:30:16 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame FA91
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
https://ads.servenobid.com/sync?pid=337&uid=y-ANR.1zJE2uHLOnJADwS7PNix_vIlk73ZHhflGGc-~A

0
367 B

29ms
29ms

Image
image/avif

99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-ANR.1zJE2uHLOnJADwS7PNix_vIlk73ZHhflGGc-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-ANR.1zJE2uHLOnJADwS7PNix_vIlk73ZHhflGGc-~A
date: Thu, 11 May 2023 11:30:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame FA91
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=ua-e73015e6-19e9-3fd2-ab45-fc3f57282943

0
359 B

34ms
28ms

Image
image/avif

99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-e73015e6-19e9-3fd2-ab45-fc3f57282943
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-e73015e6-19e9-3fd2-ab45-fc3f57282943
pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame FA91
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
https://ads.servenobid.com/sync?pid=339&uid=y-ANR.1zJE2uHLOnJADwS7PNix_vIlk73ZHhflGGc-~A

0
367 B

29ms
29ms

Image
image/avif

99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-ANR.1zJE2uHLOnJADwS7PNix_vIlk73ZHhflGGc-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-ANR.1zJE2uHLOnJADwS7PNix_vIlk73ZHhflGGc-~A
date: Thu, 11 May 2023 11:30:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame FA91 0
360 B 59ms
8ms Image
text/plain 3.125.250.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.250.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-250-234.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame FA91
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

36ms
35ms

Image
image/avif

99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Thu, 11 May 2023 11:30:16 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Thu, 11 May 2023 11:30:16 GMT

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame 7776 85 B
1 KB 7ms
7ms Fetch
application/xml 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=20752114&cb=3804616879&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&vplaybackmethod=0&referrer=cnvyl.katerionews.com&kw_channel=instream_sans_algo

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:16 GMT
AN-X-Request-Uuid: 4f641807-58a5-42ec-9ba7-ab89b46b711a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/xml; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tpc.googlesyndication.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame 7776 85 B
1 KB 8ms
7ms Fetch
application/xml 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=20889945&cb=3804616879&schain=1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C&vplaybackmethod=0&referrer=cnvyl.katerionews.com&kw_channel=instream_sans_algo

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

nginx/1.21.3 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:16 GMT
AN-X-Request-Uuid: 4e56b333-ef78-4c6d-ab6e-defe0f947d71
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/xml; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tpc.googlesyndication.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ Frame 7776 0
97 B 111ms
111ms Image
text/plain 23.21.77.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=cnvyl.katerionews.com&rs=cnvyl.katerionews.com&sid=88613&t=1683804614&cip=178.162.209.136&sn=&tgt=1&osv=10&bv=113.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5ef4bc022e79664d2b473869&test=&d64=d62636dc20c2f3ae7365d93f8f76d8f0&d63=d62636dc20c2f3ae7365d93f8f76d8f0&aafaid=&proto=https&uid=1683804614185-951996230838-001201-002-003896&cha=0.7&stagid=&stplid=&d35=&d36=6.2.97&cb=18724448505&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&nid=5ef4bc022e79664d2b473869&ncid=5fd512d6c22e4d461a608c85&e=request&cb=1683804616879&asid=5fd51ab848217056e368a756%2C600063541f5b0f2fbc637ad9&ofpr=%2C&fpo=%2C&ri=%2C
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.77.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-77-250.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 06D3 156 B
185 B 231ms
230ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_200&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1875662522041201&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2800172156&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3835&dt=1683804616883&cookie=ID%3Db679b9b9d5fda808%3AT%3D1683804613%3AS%3DALNI_MZeYjxUh9DdCdGSGhdSLjb-mdcs-Q&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=4231627180643146&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame FE98 156 B
185 B 242ms
241ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_650&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3652591942532647&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=1471510095&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3848&dt=1683804616889&cookie=ID%3Db679b9b9d5fda808%3AT%3D1683804613%3AS%3DALNI_MZeYjxUh9DdCdGSGhdSLjb-mdcs-Q&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=1556229471278325&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E936 156 B
185 B 265ms
265ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22703897216%2C22893780809%2FSMG_Adipolo%2Fpreroll%2Fsyndication_4&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=314474040409761&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2056672941&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3878&dt=1683804616892&cookie=ID%3Db679b9b9d5fda808%3AT%3D1683804613%3AS%3DALNI_MZeYjxUh9DdCdGSGhdSLjb-mdcs-Q&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=3175781785782770&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 16DC 156 B
185 B 200ms
200ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F136431902%2C22893780809%2Fapl%2Faniplay%2Faniplay_300&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2513395304913391&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4141724494&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3900&dt=1683804616897&cookie=ID%3Db679b9b9d5fda808%3AT%3D1683804613%3AS%3DALNI_MZeYjxUh9DdCdGSGhdSLjb-mdcs-Q&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=2527283533157561&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DB49 156 B
185 B 117ms
117ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1648 156 B
259 B 82ms
80ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F127641337%2C22652786701%2C22893780809%2FAdipoloshFloor2&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4378251301247582&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1683804616911&scor=320374182816703&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1F9B 156 B
185 B 93ms
93ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_650&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2150610007315771&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1683804616916&scor=2026063898480989&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1B88 156 B
185 B 102ms
101ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_300&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1457366724484874&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1683804616921&scor=3773756404031505&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3010 156 B
185 B 141ms
141ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22703897216%2C22893780809%2FSMG_Adipolo%2Fpreroll%2Fsyndication_1&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3703771328706666&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1683804616926&scor=1233082038223025&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2C97 156 B
185 B 92ms
92ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F136431902%2C22893780809%2Fapl%2Faniplay%2Faniplay_400&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=917400876838653&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1683804616930&scor=1334398662558551&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E488 156 B
185 B 89ms
88ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1E49 156 B
142 B 90ms
90ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F127641337%2C22652786701%2C22893780809%2FAdipoloshFloor1.5&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=782771621707021&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1683804616939&scor=3689769937495856&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6ABC 156 B
142 B 90ms
89ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_170&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=335076061704278&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1683804616948&scor=1054920578886716&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B447 156 B
142 B 102ms
101ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_200&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=207422622077996&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1683804616952&scor=1843915249630599&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E576 156 B
142 B 152ms
152ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22703897216%2C22893780809%2FSMG_Adipolo%2Fpreroll%2Fsyndication_6&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1788705690844983&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=null&dt=1683804616956&scor=4064416137025804&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 240 B
655 B 60ms
25ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467723/hbp_master_741094_17335.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

766a07906ccde956568d8c0aaf770f9ccc6ff51c45227b40635d12bd065629d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cnvyl.katerionews.com
date: Thu, 11 May 2023 11:30:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK xa2et.html Show response
geo.dailymotion.com/player/ Frame 9A03 59 KB
18 KB 58ms
58ms Document
text/html 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xa2et.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

Software

DMS/1.0.42 /

Resource Hash

d374c2ab7ee388aa477944d6823b38d2c36d59892c2b3c4bdfa625cda730518c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 17402
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type: text/html; charset=utf-8
Date: Thu, 11 May 2023 11:30:16 GMT
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Referrer-Policy: strict-origin-when-cross-origin
Server: DMS/1.0.42
Server-Timing: total;dur=41, dc;desc="dc3"
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin: *
Vary: X-DM-SSL,Accept-Encoding

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DBAF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZFzRyI9ru5Ldq7LfjkJipgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAkPn2SQX_j6Lb9dawYiuZ4&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAkPn2SQX_j6Lb9dawYiuZ4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAkPn2SQX_j6Lb9dawYiuZ4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame DBAF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

143ms
143ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 14TJDCB6E41N7WXXJ81F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TMQ6PKA50Y2M37C3003E
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame DBAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFmiLphDgyKwi5Tp4TYnG9g&google_cver=1

43 B
766 B

6ms
6ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFmiLphDgyKwi5Tp4TYnG9g&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFmiLphDgyKwi5Tp4TYnG9g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame DBAF 70 B
265 B 111ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DBAF 43 B
603 B 115ms
33ms Image
image/gif 2a05:d018:d29:3605:c16d:3d42:19c0:e699
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:c16d:3d42:19c0:e699 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame DBAF
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4201403600601124566

43 B
632 B

47ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4201403600601124566
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 11 May 2023 11:30:17 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 459fb554-54b0-4bce-8aac-7baff2aed5e3
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4201403600601124566
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DBAF
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=91d46104-5636-45c5-8ab8-aa3bcdfcb072&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
271 B

6ms
6ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=91d46104-5636-45c5-8ab8-aa3bcdfcb072&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=91d46104-5636-45c5-8ab8-aa3bcdfcb072&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date: Thu, 11 May 2023 11:30:17 GMT
server: _
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DBAF
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2 200 sync
ads.servenobid.com/ Frame DBAF 0
357 B 29ms
28ms Image
image/avif 99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZFzRyI9ru5Ldq7LfjkJipgAACF8AAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 3919 34 KB
10 KB 31ms
28ms Script
text/html 23.2.229.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.229.193 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-229-193.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a3acaa293726b86e502e1c4aeb6b506f7d3a0e95d96d3750236e0b4e9e4cdf5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
last-modified: Wed, 10 May 2023 22:29:52 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=39580
content-length: 10019
expires: Thu, 11 May 2023 22:29:57 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=4201403600601124566

35 B
250 B

145ms
32ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=4201403600601124566
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Thu, 11 May 2023 11:30:17 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bacd2062-286b-4f99-84c4-1d7e2eba437c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=4201403600601124566
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_85505070-4616-4c38-813f-8c64a36256f5&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_85505070-4616-4c38-813f-8c64a36256f5&gdpr=0&gdpr_consent=&us_privacy=1---
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://x.bidswitch.net/sync?dsp_id=59&user_id=0b30b107-303d-46e1-acdd-60b81b6630a7&ssp=gumgum2
https://usersync.gumgum.com/usersync?b=bsw&i=21b83d42-9e35-4995-a546-914ee588db19&gdpr=&gdpr_consent=&us_privacy=

35 B
250 B

29ms
29ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=21b83d42-9e35-4995-a546-914ee588db19&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=21b83d42-9e35-4995-a546-914ee588db19&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 11 May 2023 11:30:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-6ba00f39-46d7-51bb-6830-19a07e155b29$ip$178.162.209.136

35 B
250 B

33ms
32ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-6ba00f39-46d7-51bb-6830-19a07e155b29$ip$178.162.209.136
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-6ba00f39-46d7-51bb-6830-19a07e155b29$ip$178.162.209.136
Date: Thu, 11 May 2023 11:30:17 GMT
Connection: keep-alive
Content-Length: 129
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_85505070-4616-4c38-813f-8c64a36256f5&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=tWiDGT3hlmuFa6J7iKzU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25CXNFCEOVBTNBWG25KGME3EUN3JJN5FK...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=tWiDGT3hlmuFa6J7iKzU&us_privacy=1---

35 B
250 B

33ms
32ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=tWiDGT3hlmuFa6J7iKzU&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=tWiDGT3hlmuFa6J7iKzU&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=THEvlCqarLK0&ev=1&pid=558355

35 B
250 B

45ms
45ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=THEvlCqarLK0&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=THEvlCqarLK0&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 6CF0
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28pW-MOWezLb817qJGAISN4SAFDk9qmQpLbHe1Kpp2sbvlFmuBrbr7DnHwTroCzzLp%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_85505070-4616-4c38-813f-8c64a36256f5&obuid=ENC(pW-MOWezLb817qJGAISN4SAFDk9qmQpLbHe1Kpp2sbvlFmuBrbr7DnHwTroCzzLp)
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=$D&initiator=platform
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=$D&initiator=platform
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=d14525fd-5910-4da6-8614-83b355d8823b&gdpr=&gdpr_consent=&us_privacy=

0
145 B

96ms
95ms

Image
text/plain

70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=d14525fd-5910-4da6-8614-83b355d8823b&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 11:30:18 GMT
Cache-Control: no-cache
X-TraceId: c958663fda0fa399f1ea786db8d175f2
Content-Length: 0

Redirect headers

Location: //sync.outbrain.com/cookie-sync?p=mediaforce&uid=d14525fd-5910-4da6-8614-83b355d8823b&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 11 May 2023 11:30:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=fcdaab1a-8e9e-496e-8988-41f561cc1d2a

35 B
250 B

32ms
32ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=fcdaab1a-8e9e-496e-8988-41f561cc1d2a
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=fcdaab1a-8e9e-496e-8988-41f561cc1d2a
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-yR2GyVhE2pc4T6ZrOlFlZhZBo96IhVEXOvZn~A

35 B
250 B

31ms
31ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-yR2GyVhE2pc4T6ZrOlFlZhZBo96IhVEXOvZn~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 11 May 2023 11:30:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-yR2GyVhE2pc4T6ZrOlFlZhZBo96IhVEXOvZn~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=ee959771-0b34-4f65-b6b4-f96b75170fb1

35 B
250 B

33ms
33ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=ee959771-0b34-4f65-b6b4-f96b75170fb1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=ee959771-0b34-4f65-b6b4-f96b75170fb1
Date: Thu, 11 May 2023 11:30:17 GMT
Connection: keep-alive
X-CI-RTID: cdb05839-5fe7-4a7c-aaf1-41b5c3d79f3f
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

35 B
250 B

33ms
33ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 11 May 2023 11:30:17 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 138681490
location: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true
content-length: 0

GET
H2 200 142
match.deepintent.com/usersync/ Frame 6CF0 0
44 B 336ms
96ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:16 GMT
content-length: 0
server: b

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=8e91fa3c-fec9-41d3-89dd-f62498c9dc94

35 B
250 B

34ms
33ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=8e91fa3c-fec9-41d3-89dd-f62498c9dc94
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=8e91fa3c-fec9-41d3-89dd-f62498c9dc94
access-control-allow-origin: *
date: Thu, 11 May 2023 11:30:17 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 6CF0
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=6177750915998741045

35 B
250 B

97ms
33ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=6177750915998741045
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=6177750915998741045
date: Thu, 11 May 2023 11:30:16 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 6CF0 0
358 B 30ms
28ms Image
image/avif 99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_85505070-4616-4c38-813f-8c64a36256f5
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 jquery.cookie.js Show response
unpkg.com/jquery.cookie@1.4.1/ Frame 383F 3 KB
1 KB 27ms
27ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js

Requested by

Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9164870
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
fly-request-id: 01FT89TVE6JMN2352Z8BTPFPHD
server: cloudflare
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c5a16c84bf7926e-FRA

POST
H2 204 csi
csi.gstatic.com/ Frame 1648 0
54 B 271ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1sk9j&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED30 143 B
228 B 15ms
14ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3592985597631507&output=html&h=250&slotname=300x250&adk=1453749305&adf=272530284&pi=t.ma~as.300x250&w=300&lmt=1683804615&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683804614077&bpp=106&bdt=146&idt=1253&shv=r20230509&mjsv=m202305080101&ptt=5&saldr=sa&cookie=ID%3Db679b9b9d5fda808%3AT%3D1683804613%3AS%3DALNI_MZeYjxUh9DdCdGSGhdSLjb-mdcs-Q&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&correlator=4990421423842&frm=23&ife=4&pv=2&ga_vid=8385485.1683804615&ga_sid=1683804615&ga_hid=2041429385&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=393&biw=1600&bih=1200&isw=300&ish=250&ifk=2523646545&scr_x=0&scr_y=0&eid=44759927%2C44773809%2C44759842%2C44759876%2C31074431%2C42531706%2C44788442%2C44789923&oid=2&pvsid=2436963586929940&uas=0&nvt=1&ref=https%3A%2F%2Fwaaw.ac%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.89jh8p6xvey1&fsb=1&dtd=1272
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 11:09:41 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4B49 1 KB
643 B 16ms
16ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 07:18:46 GMT
etag: 48472445140208031
expires: Fri, 12 May 2023 07:18:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 4831 0
344 B 29ms
28ms Image
image/avif 99.81.142.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=6177750915998741045&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.142.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-142-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 451 711890.gif
id.rlcdn.com/ Frame 4831 0
98 B 61ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 genericusersync.ashx
sync.tidaltv.com/ Frame 4831 42 B
197 B 185ms
35ms Image
image/gif 2a05:d018:24:b002:8e7a:96cb:a997:d606
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:24:b002:8e7a:96cb:a997:d606 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 bsync
visitor.omnitagjs.com/visitor/ Frame 4831 0
0 59ms
21ms Image
text/html 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2

204

v1
match.sharethrough.com/sync/ Frame 4831
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177750915998741045&gdpr=0&gdpr_consent=

0
361 B

9ms
8ms

Image
text/plain

3.125.250.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177750915998741045&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 3.125.250.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-250-234.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177750915998741045&gdpr=0&gdpr_consent=
pragma: no-cache
date: Thu, 11 May 2023 11:30:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame BB06 0
160 B 47ms
15ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Thu, 11 May 2023 11:30:17 GMT
Pragma: no-cache
Server: nginx

GET
H/1.1 204
No Content e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame C948 0
0 5215ms
924ms Document
text/plain 8.2.111.13
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_85505070-4616-4c38-813f-8c64a36256f5&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Thu, 11 May 2023 11:30:22 GMT
Server: nginx

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 24B2 16 KB
6 KB 7ms
7ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=45796
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 11 May 2023 11:30:17 GMT
expires: Fri, 12 May 2023 00:13:33 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 7B0E 70 B
264 B 94ms
35ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 11 May 2023 11:30:17 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame C111
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=44c9645c-d1c9-4400-9be2-bf913998f9a9&gdpr=0&gdpr_consent=

35 B
250 B

83ms
32ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=44c9645c-d1c9-4400-9be2-bf913998f9a9&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 11 May 2023 11:30:17 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 11 May 2023 11:30:17 GMT
Expires: Thu, 11 May 2023 11:30:16 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 851 9bd98ae master cdg-pixel-x25 config_version:"unknown"
location: https://usersync.gumgum.com/usersync?b=mmh&i=44c9645c-d1c9-4400-9be2-bf913998f9a9&gdpr=0&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 8DC2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZFzRyQAJOUKy_gBL
https://usersync.gumgum.com/usersync?b=atm&i=ZFzRyQAJOUKy_gBL&gdpr=0&gdpr_consent=&_test=ZFzRyQAJOUKy_gBL

35 B
250 B

40ms
35ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZFzRyQAJOUKy_gBL&gdpr=0&gdpr_consent=&_test=ZFzRyQAJOUKy_gBL
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 11 May 2023 11:30:17 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 11 May 2023 11:30:17 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZFzRyQAJOUKy_gBL&gdpr=0&gdpr_consent=&_test=ZFzRyQAJOUKy_gBL
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230124-FRA
x-timer: S1683804617.187324,VS0,VE0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 7503 170 B
243 B 61ms
30ms Document
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84NTUwNTA3MC00NjE2LTRjMzgtODEzZi04YzY0YTM2MjU2ZjU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 11:30:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame C385
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZFzRycCo8XUAAHzuVAEAAAAA

35 B
250 B

32ms
32ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZFzRycCo8XUAAHzuVAEAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 11 May 2023 11:30:18 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Thu, 11 May 2023 11:30:17 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZFzRycCo8XUAAHzuVAEAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: a-ad40183.dc2p.scaleout.jp
X-SO-IP: 178.162.209.136
X-SO-Key: ZFzRycCo8XUAAHzuVAEAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZFzRycCo8XUAAHzuVAEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40183"}
X-SO-LB-Hostname: m-tgng17.dc4p.scaleout.jp
X-SO-Upstream-ID: a-ad40183

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 5128
Redirect Chain

https://cs.admanmedia.com/sync/gumgum?puid=e_85505070-4616-4c38-813f-8c64a36256f5&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
https://usersync.gumgum.com/usersync?b=aad&i=cfa1c989-c1c4-4293-93d5-41ee6b9de28c

35 B
250 B

30ms
29ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=aad&i=cfa1c989-c1c4-4293-93d5-41ee6b9de28c
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 11 May 2023 11:30:17 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Thu, 11 May 2023 11:30:17 GMT
Expires: 0
Location: https://usersync.gumgum.com/usersync?b=aad&i=cfa1c989-c1c4-4293-93d5-41ee6b9de28c
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Frame-Options: DENY

GET
H/1.1 200
OK usermatchredir Show response
ssum-sec.casalemedia.com/ Frame 53F9 43 B
766 B 8ms
7ms Document
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 11 May 2023 11:30:17 GMT
Expires: 0
Keep-Alive: timeout=1, max=498
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 3019
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=B712TKm6GeB0l8YSZZ6K&pi=gumgum&tc=1

35 B
250 B

78ms
32ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=B712TKm6GeB0l8YSZZ6K&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 11 May 2023 11:30:17 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 11 May 2023 11:30:17 GMT Thu, 11 May 2023 11:30:17 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=B712TKm6GeB0l8YSZZ6K&pi=gumgum&tc=1
pragma: no-cache

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame ED46
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
410 B

14ms
14ms

Document
text/html

23.2.229.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.229.193 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-229-193.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Thu, 11 May 2023 11:30:17 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 11 May 2023 11:30:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

POST
H2 204 csi
csi.gstatic.com/ Frame 1F9B 0
54 B 270ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1sk85&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2C97 0
54 B 270ms
269ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1skep&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1B88 0
54 B 272ms
271ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1skbq&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DB49 0
54 B 271ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1sk6w&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E488 0
54 B 270ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1skg2&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1E49 0
45 B 271ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1skhf&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6ABC 0
54 B 270ms
269ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1skij&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EC68 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59009a09122e643cd6faacdb2c5a4882808c282ea3f8debb688ef9890ab498ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dmp.infopack.ca37c0ce5289aa663899.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 54 KB
13 KB 17ms
16ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.infopack.ca37c0ce5289aa663899.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: da44646f2878b555f954e40049ebe013b17358c48caa69dc0cb5292e9e1e595e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 2088425
server-timing: total;dur=0, dc;desc="dc3"
content-length: 13357
last-modified: Fri, 14 Apr 2023 08:16:55 GMT
server: DMS/1.0.42
etag: "64390bf7-d78d"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 67d8f9467494a60e996ab2889c34327e
expires: Wed, 17 May 2023 07:23:12 GMT

GET
H2 200 dmp.jq_flight.1d9782312a093aadb89f.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 41 KB
15 KB 33ms
32ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.jq_flight.1d9782312a093aadb89f.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 1482896
server-timing: total;dur=0, dc;desc="dc3"
content-length: 14946
last-modified: Fri, 21 Apr 2023 15:43:47 GMT
server: DMS/1.0.42
etag: "6442af33-a5e2"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 43741e4d79a714cb6049e65f936c86bb
expires: Wed, 24 May 2023 07:35:21 GMT

GET
H2 200 dmp.photon_manifest.529fd40cb9ac7b46995a.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 4 KB
2 KB 18ms
17ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.529fd40cb9ac7b46995a.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 28b061905058b158a72cd1956f0ab8f9fefd5769031efa7e9e179f5df75502c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 83912
server-timing: total;dur=0, dc;desc="dc3"
content-length: 1912
last-modified: Wed, 10 May 2023 12:08:46 GMT
server: DMS/1.0.42
etag: "645b894e-100f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 76b0924ebfd25823e0254d508fe37e97
expires: Fri, 09 Jun 2023 12:11:45 GMT

GET
H2 200 dmp.photon_vendor.4581297c3e0fb53a3eb4.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 336 KB
101 KB 48ms
48ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4581297c3e0fb53a3eb4.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: dfd8bf00cc57b6f60e742c4465d8f7c2099c71dc9e33d424fc23dc307e491006

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 2426965
server-timing: total;dur=0, dc;desc="dc3"
content-length: 103454
last-modified: Thu, 13 Apr 2023 09:18:01 GMT
server: DMS/1.0.42
etag: "6437c8c9-53fa4"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 9c39d11d2a83f63427422fe976afabb6
expires: Sat, 13 May 2023 09:20:52 GMT

GET
H2 200 dmp.photon_boot.624ef8cca1099e095a73.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 149 KB
35 KB 18ms
17ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.photon_boot.624ef8cca1099e095a73.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: f88aa464ecf3027497dace126754601cdf7c47db2779106d4dadff0a47463cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 787537
server-timing: total;dur=0, dc;desc="dc3"
content-length: 35615
last-modified: Tue, 02 May 2023 08:23:04 GMT
server: DMS/1.0.42
etag: "6450c868-252f3"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 1728716dfda25580c5b17eb96b258345
expires: Thu, 01 Jun 2023 08:44:40 GMT

GET
H2 200 dmp.photon_app.983d7cf72c576cd73b9c.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 475 KB
134 KB 34ms
33ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.983d7cf72c576cd73b9c.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 472c6cbba96888170546c60275bbbdc10ce7ce297489deb283d1d4db8a7e5d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 100421
server-timing: total;dur=0, dc;desc="dc3"
content-length: 137200
last-modified: Wed, 10 May 2023 07:35:37 GMT
server: DMS/1.0.42
etag: "645b4949-76b37"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 1eef822b758208967195e8c02b1dfab2
expires: Fri, 09 Jun 2023 07:36:36 GMT

GET
H2 200 dmp.photon_player.10ae2b2d193ea2ccd438.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 94 KB
28 KB 48ms
48ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.photon_player.10ae2b2d193ea2ccd438.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 4a196b3f9f8d9b123d9f7e1d35a5dd11a4912f2638316916e5bb2a0d43f6ef9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 787537
server-timing: total;dur=1, dc;desc="dc3"
content-length: 28701
last-modified: Tue, 02 May 2023 08:23:04 GMT
server: DMS/1.0.42
etag: "6450c868-178e1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: bea11a3c4b02974056317e1ea7972ab3
expires: Thu, 01 Jun 2023 08:44:40 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B447 0
45 B 270ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1skjr&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3010 0
45 B 272ms
271ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1skd5&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3919 284 B
536 B 42ms
9ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame ED46 34 KB
10 KB 14ms
14ms Script
text/html 23.2.229.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.229.193 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-229-193.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a3acaa293726b86e502e1c4aeb6b506f7d3a0e95d96d3750236e0b4e9e4cdf5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
last-modified: Wed, 10 May 2023 22:29:52 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=39580
content-length: 10019
expires: Thu, 11 May 2023 22:29:57 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 16DC 0
54 B 407ms
407ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1sk5l&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame EC68 47 KB
47 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 452689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:45:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E576 0
54 B 387ms
386ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1skl5&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 06D3 0
54 B 367ms
367ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1sk1w&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame FE98 0
54 B 345ms
345ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1sk37&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d_check.js Show response
waaw.ac/js/ Frame 383F 3 KB
1 KB 15ms
15ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/js/d_check.js?34
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
server: Google Frontend
etag: W/"5e57d8f1-d8a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

POST
H2 204 csi
csi.gstatic.com/ Frame 16DC 0
54 B 317ms
317ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1sloj&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E936 0
54 B 316ms
315ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhj1sk4e&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DB49 0
54 B 308ms
308ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slmr&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dmp.locale-en-US.392361d874e0355190a5.json Show response
static1.dmcdn.net/playerv5/ Frame 9A03 2 KB
941 B 37ms
12ms XHR
application/json 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.locale-en-US.392361d874e0355190a5.json
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: c8d7ace64894d227e9a65ae13f7fffa8feac2de602f7271e2b6b5c0c0f1e4823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 600747
server-timing: total;dur=0, dc;desc="dc3"
content-length: 613
last-modified: Thu, 04 May 2023 12:28:29 GMT
server: DMS/1.0.42
etag: "6453a4ed-822"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 573c0169dc5d460085231084e9c763b6
expires: Sat, 03 Jun 2023 12:37:50 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame 9A03 15 B
363 B 82ms
20ms XHR
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Thu, 11 May 2023 11:30:17 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

POST
H2 204 csi
csi.gstatic.com/ Frame 1F9B 0
54 B 300ms
300ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slmi&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4B49 35 B
463 B 30ms
8ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMyb9Kq0D_2IupyyMfG0eBU&google_cver=1&google_push=ATf1kGN-CM-I3R00-E_dercclHxo80MN8uF8S0OR_UuopQ0CQ5rDR5Qbd1nKrYACoirNYa19ojUcLUO8VMs2ubjvoni6vAirBVmpGNuWiDEY66mdLDj0l7Sfyy9Fxj5htCgm-i7SLo9bDQtFjTwRUDk7EBNK

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4B49 43 B
363 B 67ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEAu5WQozWoht2WtJNZ82BIk&google_cver=1&google_push=ATf1kGOZs9udUseUAzRt8AFKUa0FheV1tkwi3AKYNlHdNaK1Rg8-EreUQgxSkmgWwBkBiIM_ClwASs7GrPTfQ9MC-wssShhuMCjDJfFhkyC4FEw_RkoK24xKwhHG-3xPjdyppFhMyGYkQ1V2RyT4wDwxEZM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:16 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 221333
expires: Thu, 11 May 2023 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4B49 43 B
350 B 73ms
21ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAXmBMdC5a7KBFstWiIQFxI&google_cver=1&google_push=ATf1kGNWadjvEZ26MniHGu63rKh0KzJ9MuhkWUUElMnD82pGhnw_rNRrM37xcFvLfQA9ve1VJtNVc5ekhD1c6p7Z3hWFb3vSG-fsW8L0K1sWxuAc0u7Nxs6y8pQIqAjc2fDlpy0aMjwpcBuA2pV-GwV5CsH0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3592985597631507&output=html&h=250&slotname=300x250&adk=1453749305&adf=272530284&pi=t.ma~as.300x250&w=300&lmt=1683804615&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683804614077&bpp=106&bdt=146&idt=1253&shv=r20230509&mjsv=m202305080101&ptt=5&saldr=sa&cookie=ID%3Db679b9b9d5fda808%3AT%3D1683804613%3AS%3DALNI_MZeYjxUh9DdCdGSGhdSLjb-mdcs-Q&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&correlator=4990421423842&frm=23&ife=4&pv=2&ga_vid=8385485.1683804615&ga_sid=1683804615&ga_hid=2041429385&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=393&biw=1600&bih=1200&isw=300&ish=250&ifk=2523646545&scr_x=0&scr_y=0&eid=44759927%2C44773809%2C44759842%2C44759876%2C31074431%2C42531706%2C44788442%2C44789923&oid=2&pvsid=2436963586929940&uas=0&nvt=1&ref=https%3A%2F%2Fwaaw.ac%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.89jh8p6xvey1&fsb=1&dtd=1272
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:16 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: fmk42ntka7penm45121ki3p5pt7is057

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B49
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDZzjQr7dzgM-Jei_gBZFOA&google_cver=1&google_push=ATf1kGOIaWr0KUV43C9CVSH6Nexrk73owavPtFj1ov2CYmKVZ_Aurywe1NkO00oY_850fefWf9S...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKMVNMU04tMy1FN05N&google_push=ATf1kGOIaWr0KUV43C9CVSH6Nexrk73owavPtFj1ov2CYmKVZ_Aurywe1NkO00oY_850fefWf9SwzffYjy7Qmn_y-wGWS7Y9zK97nk8iX...

170 B
188 B

27ms
26ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKMVNMU04tMy1FN05N&google_push=ATf1kGOIaWr0KUV43C9CVSH6Nexrk73owavPtFj1ov2CYmKVZ_Aurywe1NkO00oY_850fefWf9SwzffYjy7Qmn_y-wGWS7Y9zK97nk8iXixYdm40AStqcP-E7iyKFEzu3u8fe5kPA12wI1e0dTERyRlN9kVA

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKMVNMU04tMy1FN05N&google_push=ATf1kGOIaWr0KUV43C9CVSH6Nexrk73owavPtFj1ov2CYmKVZ_Aurywe1NkO00oY_850fefWf9SwzffYjy7Qmn_y-wGWS7Y9zK97nk8iXixYdm40AStqcP-E7iyKFEzu3u8fe5kPA12wI1e0dTERyRlN9kVA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B49
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOxTxwpHyyqyFhgqXN--YQs&google_cver=1&google_push=ATf1kGPHFwe_L-tOyw3a3aGUmUEAz_3Gc04bM1XVHPaKFLFphGYdlAtpRNUdEe0J32xznhQXNXejylqgndy0pHVUX...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPHFwe_L-tOyw3a3aGUmUEAz_3Gc04bM1XVHPaKFLFphGYdlAtpRNUdEe0J32xznhQXNXejylqgndy0pHVUXDYKv5MmVp1MV-vkGsFj1CalUpugC7d9w4ILCmdHG3zg8...

170 B
188 B

25ms
25ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPHFwe_L-tOyw3a3aGUmUEAz_3Gc04bM1XVHPaKFLFphGYdlAtpRNUdEe0J32xznhQXNXejylqgndy0pHVUXDYKv5MmVp1MV-vkGsFj1CalUpugC7d9w4ILCmdHG3zg802WyPC0FPuQehmp7yADpBG3&google_hm=GoJyARZH6Xn4BzGtRpyo-naX

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 11 May 2023 11:30:17 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPHFwe_L-tOyw3a3aGUmUEAz_3Gc04bM1XVHPaKFLFphGYdlAtpRNUdEe0J32xznhQXNXejylqgndy0pHVUXDYKv5MmVp1MV-vkGsFj1CalUpugC7d9w4ILCmdHG3zg802WyPC0FPuQehmp7yADpBG3&google_hm=GoJyARZH6Xn4BzGtRpyo-naX
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 4B49
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFC9HfWVyiC4KBIBm-R8_RE&google_cver=1&google_push=ATf1kGMA3bk1rYPSEtf4HX5AGEoJmRcX5VuxpTM723DbwTpD0qnvEG03Zof6a0R08XhzCZTYRI7GAlIPCnt...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMA3bk1rYPSEtf4HX5AGEoJmRcX5VuxpTM723DbwTpD0qnvEG03Zof6a0R08XhzCZTYRI7GAlIPCntU1NlICcQw_3IrZJgWUus4BAaSOX7nUmDhRyH-...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

17ms
17ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4B49 0
50 B 22ms
21ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHnMpK47fskoajiCJffAmWnXb4a8gdwCNL-UOWRgnZAiMpoPBP-VZBUfMu383FHgU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 60CA 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1nGM_RAX7sECvC0qv9Reu08_l2rZhmRw9HNsFlplDH36CzTyC4qh_ELoWZITGMJ8STjS3sPiDtZpoj1nie3rWjsm52jYB_khMNJjHi2ybROQA0FsJro9oO1mA4CTQmaApB-5hboZN4DmFe5E0VPhLbnDYnh2ChEuvUNCBtjR6HF1IWWdkorWwt_5CNwQ92i56GykIae1gRb5bjeXDP2l6nq2YpeMvVIMhua_TgeauuNwtAmlpFxk4G5F375RSuEJCGBBFIh2en6UQ23brOx1sL0wC7Z5qnV_nkXK6SyXV1PqKtKq7Qeq3mnlwslX5Po2VlpZAOukLMWzRTheQ3qtES6Mk_KEmQCr0XdZ_kZko&sai=AMfl-YSjOD6pLg7Nsdh1Q1cLuHyUap9SwDU39hhfHzmvsd_AKoIRmT9pEGs_a07NUzwaBbmjq9rummGvnQl-UuMghZQ96aQgSmUiASz_uQ96PW63qzaHNUBW0EI91YwiLcg&sig=Cg0ArKJSzMJJFQcK8k3VEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 May 2023 11:30:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 60CA 14 KB
11 KB 94ms
65ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230509&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139b68f0b594ef509d745f252439b9a7ad32b08246aae0407be8d5c263a4a9b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11169
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 1648 0
54 B 285ms
285ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1sllj&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendor-list.json Show response
vendorlist.dmcdn.net/v2/ Frame 9A03 411 KB
55 KB 20ms
12ms XHR
application/json 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.dmcdn.net/v2/vendor-list.json
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.ca37c0ce5289aa663899.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 2f3f92b898007fa184091343a98862313143266c57a0ba8448eccc46c5ca767d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: dquVE7.7dEVbiep_nAQjjLdyPja.PEBn
content-encoding: gzip
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
date: Thu, 11 May 2023 11:30:17 GMT
x-amz-cf-pop: CDG53-C1
age: 588007
x-amz-server-side-encryption: AES256
content-length: 55459
last-modified: Thu, 04 May 2023 16:05:26 GMT
server: AmazonS3
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
x-ip-address: 178.79.244.132
x-amz-cf-id: 7aVkmeNYoPf4XDgYt17jnrMz_uu2RUlgB30GKvQsAAUh-Xl2UeNTRA==
x-llid: 74b7ceb452aa12e0ee235604d7a5cd70
expires: Thu, 11 May 2023 16:10:10 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1B88 0
54 B 308ms
306ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slmo&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3010 0
54 B 298ms
297ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slnt&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 resolve Show response
dns.google/ Frame 383F 286 B
308 B 19ms
18ms Fetch
application/json 2001:4860:4860::8844
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dns.google/resolve?name=136.209.162.178.in-addr.arpa&type=PTR&cd=true

Requested by

Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4860::8844 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

375cdb329d0ab2549c3d3d8bb534ce664e2cb59f71a59a7d9a1c004549b2593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 May 2023 11:30:17 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199
x-xss-protection: 0
expires: Thu, 11 May 2023 11:30:17 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame ED46 284 B
536 B 11ms
11ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 csi
csi.gstatic.com/ Frame 2C97 0
54 B 284ms
284ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slml&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3919 0
239 B 425ms
97ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 csi
csi.gstatic.com/ Frame E488 0
54 B 277ms
276ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slmu&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED30
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
30ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 11:30:17 GMT
expires: Thu, 11 May 2023 11:30:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 11:30:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 1E49 0
45 B 273ms
273ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slmz&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK x81iuq0 Show response
www.dailymotion.com/player/metadata/video/ Frame 9A03 11 KB
7 KB 209ms
174ms XHR
application/json 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/player/metadata/video/x81iuq0?embedder=https%3A%2F%2Fcnvyl.katerionews.com%2F&geo=1&player-id=xa2et&syndicationKey=273773&locale=en-US&dmV1st=65005734-b7b9-4444-b65f-ead7bd6c8989&dmTs=740572&is_native_app=0&dmSharingUrlLocation=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

Software

DMS/1.0.42 /

Resource Hash

358a00367adbfbe1898fca5abfe8c160039a63cd00d9e7fccc7354f88e1d9301

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Date: Thu, 11 May 2023 11:30:17 GMT
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing: total;dur=156, dc;desc="dc3"
Content-Length: 5938
Referrer-Policy: strict-origin-when-cross-origin
Server: DMS/1.0.42
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary: X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://geo.dailymotion.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Authorization

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9A03 360 KB
120 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xa2et.html?video=x81iuq0&syndicationKey=273773&mute=true&ads_params=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122883
x-xss-protection: 0
expires: Thu, 11 May 2023 11:30:17 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6ABC 0
54 B 270ms
269ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1sln5&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B447 0
54 B 271ms
269ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slnl&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E576 0
54 B 271ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slp3&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.211.js Show response
waaw.ac/js/ Frame 383F 167 KB
46 KB 17ms
16ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/js/embed.211.js?736
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1d85956e60f098d0e36bd9c3e3457ea595d083561c95edf8ddffb37a577dcb55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Sat, 29 Apr 2023 15:48:32 GMT
server: Google Frontend
etag: W/"644d3c50-29c06"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 60CA 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 May 2023 11:30:17 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3919
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WDRYQABuRxG0t_AwlXuqxw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WDRYQABuRxG0t_AwlXuqxw

43 B
479 B

37ms
37ms

Image
image/gif

52.95.126.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WDRYQABuRxG0t_AwlXuqxw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Protocol

HTTP/1.1

Server

52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BJMDYC6Z33DRCJ2PC04H
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WDRYQABuRxG0t_AwlXuqxw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3919
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

170 B
188 B

26ms
26ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 3919 70 B
264 B 36ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3919
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAf4RUTHAif-UeETTOV-9rs&google_cver=1

0
239 B

15ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAf4RUTHAif-UeETTOV-9rs&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAf4RUTHAif-UeETTOV-9rs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

current
rubicon-match.dotomi.com/match/bounce/ Frame 3919
Redirect Chain

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=KbmSfgou5Moi5HBA2CTzJYXsnMZhMiGdLdsvN9R-tmQ

0
104 B

80ms
23ms

Image
text/plain

2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=KbmSfgou5Moi5HBA2CTzJYXsnMZhMiGdLdsvN9R-tmQ
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: H2
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:17 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

Redirect headers

Location: https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=KbmSfgou5Moi5HBA2CTzJYXsnMZhMiGdLdsvN9R-tmQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3919 0
187 B 52ms
11ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 11 May 2023 11:30:16 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3919
Redirect Chain

https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4201403600601124566&expires=30

0
239 B

8ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4201403600601124566&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date: Thu, 11 May 2023 11:30:17 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.136; 178.162.209.136; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cf673694-60e5-468d-8d70-54cd460ef31e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4201403600601124566&expires=30
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 3919 0
42 B 22ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST track
track1.aniview.com/ Frame 7776 0
0

GET
H2 200 popunder.js Show response
waaw.ac/ad/api/ Frame 383F 21 B
366 B 15ms
15ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/ad/api/popunder.js
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:17 GMT
x-cache-status-inferno-s: HIT
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
server: Google Frontend
etag: "6141fdde-15"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 21
x-inferno-location: static
accessing-static: 1

POST
H2 200 error.php
prebid.smilewanted.com/track/analytics/ 0
109 B 28ms
28ms Ping
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/track/analytics/error.php?id_site=22469&id_format=24&id_device=1&code_partner=smilewanted&error_json=%7B%22type%22%3A%22adPlayError%22%2C%22errorCode%22%3A901%2C%22errorMessage%22%3A%22An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%22%2C%22innerError%22%3A%22Error%3A%20No%20Ad%22%7D&config_json=%7B%22site_id%22%3A22469%2C%22device_id%22%3A1%2C%22domaine%22%3A%22katerionews_com_27f21a7%22%2C%22format%22%3A%22corner-video%22%2C%22format_stats%22%3A%22corner_video%22%2C%22diff_jw%22%3Atrue%2C%22capping_type%22%3A%22jour%22%2C%22contenu%22%3Atrue%2C%22contenu_type%22%3A%22hosted_sw%22%2C%22close%22%3Atrue%2C%22close_type%22%3A%22percent%22%2C%22close_val%22%3A90%2C%22sound_hover%22%3Afalse%2C%22tags_vast%22%3A%5B%22https%3A%2F%2Fsearch.spotxchange.com%2Fvast%2F2.00%2F271231%3FVPAID%3DJS%26content_page_url%3Dhttps%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b%26cb%3D__timestamp__%26VMaxd%3D120%26custom_skin%3D1%26player_width%3D640%26player_height%3D480%26custom%5Bvd%5D%3D0%26schain%3D1.0%2C1!smilewanted.com%2C4192%2C1%2C%2Cpurifydigital.com%2Cpurifydigital.com%2C%22%2C%22https%3A%2F%2Fvast.aniview.com%2Fapi%2Fadserver61%2Fvast%2F%3FAV_PUBLISHERID%3D5ef4bc022e79664d2b473869%26AV_CHANNELID%3D5fd512d6c22e4d461a608c85%26logo%3Dfalse%26vastretry%3D3%26AV_URL%3Dhttps%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b%26cb%3D__timestamp__%26AV_GDPR%3D1%26AV_CONSENT%3Dundefined%26AV_CUSTOM1%3D594147%26AV_CUSTOM2%3D1819404%26AV_CUSTOM3%3D0%26AV_CUSTOM4%3D0%26AV_CUSTOM5%3D0%26AV_CUSTOM6%3D0%26AV_CUSTOM7%3D271231%26AV_CUSTOM8%3D0%26AV_CUSTOM9%3Dinstream_sans_algo%26AV_CUSTOM10%3D1.0%252C1%2521smilewanted.com%252C4192%252C1%252C%252Cpurifydigital.com%252Cpurifydigital.com%252C%22%5D%2C%22dm_nb_video%22%3A1%2C%22nb_dm_videos%22%3A3%2C%22passback%22%3A%22%22%2C%22capping_num%22%3A0%2C%22dm_videos_ids%22%3A%5B%22x81iuq0%22%2C%22x7yinbp%22%2C%22x7xly5v%22%2C%22x84026m%22%2C%22x86t4da%22%2C%22x7y4j2k%22%2C%22x7wj119%22%2C%22x85sfe6%22%2C%22x80idv5%22%2C%22x7zjhqt%22%5D%2C%22timeout_jw%22%3A10%2C%22timeout_dm%22%3A3000%2C%22timeout_pb%22%3A12000%2C%22contenu_src%22%3A%22https%3A%2F%2Fstatic.smilewanted.com%2Fvideo%2F2019%2F06%2F06%2F5118.mp4%22%2C%22r%22%3Atrue%2C%22nb_i_d%22%3A2%2C%22nb_m_c%22%3A3%2C%22c_c%22%3Afalse%2C%22config_hb%22%3A%5B%5D%7D
Requested by: Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/config_formats/corner-video-ima/katerionews_com_27f21a7/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryxSwCfOAzCiTtXW9w

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cnvyl.katerionews.com, https://cnvyl.katerionews.com
access-control-allow-credentials: true, true
cf-ray: 7c5a16cb9f8c362b-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6728 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 10:04:07 GMT
expires: Fri, 10 May 2024 10:04:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B1D0 783 B
536 B 24ms
23ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ecf629bde9604467fb462e396412a6a571066e13d003d1c8f776854dc94db3c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GKfuSy67W65_FfoKKDon3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-GKfuSy67W65_FfoKKDon3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 11:30:17 GMT
expires: Thu, 11 May 2023 11:30:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 embed_player.3.css
waaw.ac/styles/global/ Frame 383F 6 KB
2 KB 18ms
17ms Stylesheet
text/css 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/styles/global/embed_player.3.css?130
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
server: Google Frontend
etag: W/"5fd14cc5-1701"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 dmp.omweb.cdfef7829ffd9944e2f5.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 38 KB
13 KB 17ms
16ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.omweb.cdfef7829ffd9944e2f5.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.529fd40cb9ac7b46995a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: cf9975742e815c4d3f5c33d9c18f09681b2ed299025ed022973ff91a18e9fec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 1805111
server-timing: total;dur=1, dc;desc="dc3"
content-length: 13218
last-modified: Wed, 19 Apr 2023 13:40:00 GMT
server: DMS/1.0.42
etag: "643fef30-9633"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 026e37fdb539363703acbe547a8bdde6
expires: Sat, 20 May 2023 14:05:06 GMT

GET
H2 200 dmp.omid_session_client.63164f6b3825d0575556.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 61 KB
12 KB 17ms
17ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.omid_session_client.63164f6b3825d0575556.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.529fd40cb9ac7b46995a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: c8a2e26051508d58bf9fd678d53238d1274420fa683ceb393d1c41b8df65abb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 2198108
server-timing: total;dur=1, dc;desc="dc3"
content-length: 12086
last-modified: Thu, 13 Apr 2023 13:38:03 GMT
server: DMS/1.0.42
etag: "643805bb-f43f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: e54a2ffa70f43b0617a1af62d00880ec
expires: Tue, 16 May 2023 00:55:09 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9A03 4 KB
2 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.983d7cf72c576cd73b9c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 May 2023 11:30:17 GMT

GET
H/1.1 200
OK latencies.js Show response
speedtest.dailymotion.com/ Frame 9A03 7 KB
2 KB 68ms
15ms Script
application/javascript 188.65.124.91
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://speedtest.dailymotion.com/latencies.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.983d7cf72c576cd73b9c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.91 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: st.dc3.dailymotion.com
Software: /
Resource Hash: 72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 11:30:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Sep 2020 07:44:45 GMT
Content-Type: application/javascript
Cache-Control: max-age=21600, public
Accept-Ranges: bytes
Content-Length: 2041
Expires: Thu, 11 May 2023 17:30:17 GMT

GET
H2 200 ABCFavoritRegular.606eba755d8de32177c321d7c0801e64.woff2
static1.dmcdn.net/playerv5/fonts/ Frame 9A03 49 KB
49 KB 13ms
12ms Font
application/octet-stream 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/fonts/ABCFavoritRegular.606eba755d8de32177c321d7c0801e64.woff2
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b

Request headers

Referer: https://geo.dailymotion.com/
Origin: https://geo.dailymotion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Wed, 26 Apr 2023 08:40:03 GMT
server: DMS/1.0.42
age: 1306010
etag: "6448e363-c320"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
server-timing: total;dur=0, dc;desc="dc3"
accept-ranges: bytes
timing-allow-origin: *
content-length: 49952
x-llid: ec2837d9ad30de8ab1d638e3394a6eca
expires: Fri, 26 May 2023 08:43:27 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9C8C 360 KB
120 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.983d7cf72c576cd73b9c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122883
x-xss-protection: 0
expires: Thu, 11 May 2023 11:30:17 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame 9A03 15 B
363 B 19ms
18ms XHR
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4581297c3e0fb53a3eb4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept: application/json, text/plain, */*
Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Thu, 11 May 2023 11:30:17 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

GET
H2 200 script-2.12.5.js Show response
waaw.ac/js/ Frame 383F 19 KB
5 KB 16ms
15ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/js/script-2.12.5.js
Requested by: Host: waaw.ac
URL: https://waaw.ac/js/embed.211.js?736
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
server: Google Frontend
etag: W/"5fc69965-4cb8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 404 trace Show response
waaw.ac/cdn-cgi/ Frame 383F 548 B
337 B 29ms
29ms XHR
text/html 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/cdn-cgi/trace
Requested by: Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept: */*
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-cache-status-inferno: MISS
x-origin-location: /
x-inferno-location: /

GET
H2 200 segment.css
waaw.ac/styles/global/ Frame 383F 616 B
654 B 16ms
16ms Stylesheet
text/css 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/styles/global/segment.css?11
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 889727ca9e58ccddfc9c0df7031ea9b5fd19b42a15286cc5c380eef5bea350ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Sun, 17 Mar 2019 16:12:54 GMT
server: Google Frontend
etag: W/"5c8e7206-268"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B1D0 0
0 51ms
50ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230509&jk=2436963586929940&rc=
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 6728 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 23:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 23:41:35 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/113/ Frame 9A03 51 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/113/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 05:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15228
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 15:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 12 May 2023 05:26:43 GMT

GET
H2 200 embed_menu.css
waaw.ac/styles/cbv2new/theme/ Frame 383F 10 KB
3 KB 16ms
16ms Stylesheet
text/css 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/styles/cbv2new/theme/embed_menu.css?21
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 45bc2ebb82341b0beb20bf20f0318c5f520e782e2c23da5280d26ab94e046013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Wed, 02 Dec 2020 01:21:09 GMT
server: Google Frontend
etag: W/"5fc6ec05-26c0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H3 200 css
fonts.googleapis.com/ Frame 383F 5 KB
701 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic

Requested by

Host: waaw.ac
URL: https://waaw.ac/styles/cbv2new/theme/embed_menu.css?21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

785b3c6cc775a90a0c69c4ca9228dce8d19e91fdbea991ce3ed438f3e77e38c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 May 2023 10:38:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 May 2023 11:30:17 GMT

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 151ms
151ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1325&uuid=19227091-e6cc-40ba-85c5-0e0af41993a5
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://cnvyl.katerionews.com
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 146ms
146ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1325&uuid=19227091-e6cc-40ba-85c5-0e0af41993a5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cnvyl.katerionews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cnvyl.katerionews.com
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Thu, 11 May 2023 11:30:17 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

GET
H3 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9B87 707 KB
226 KB 13ms
12ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geo.dailymotion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 17:22:36 GMT
expires: Sat, 04 May 2024 17:22:36 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9C8C 44 KB
16 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 May 2023 11:30:17 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 383F 47 KB
47 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://waaw.ac
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 452689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:45:28 GMT

GET
H2 200 dmp.dynamic_quality_switcher.1c7534ac08453c758024.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 22 KB
7 KB 17ms
16ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.dynamic_quality_switcher.1c7534ac08453c758024.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.529fd40cb9ac7b46995a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 0f5c7a7fa9d3024dc2ca19a856ea61d7d31c9a82743dcabd61ee3bce7c26147d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 1306010
server-timing: total;dur=0, dc;desc="dc3"
content-length: 7194
last-modified: Wed, 26 Apr 2023 08:40:03 GMT
server: DMS/1.0.42
etag: "6448e363-5871"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 1c048a249aabd7298fbe45530ebe20a1
expires: Fri, 26 May 2023 08:43:27 GMT

GET
H2 200 dmp.vendors~hlsjs_stable.8ac8809237b9a52466f8.js Show response
static1.dmcdn.net/playerv5/ Frame 9A03 189 KB
54 KB 18ms
17ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.8ac8809237b9a52466f8.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.529fd40cb9ac7b46995a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 1b6d3eb6c61dbc3983ce0842d475d4c4e6174c9ac87baefec2e4b3ea11284d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
age: 2202732
server-timing: total;dur=0, dc;desc="dc3"
content-length: 54686
last-modified: Thu, 13 Apr 2023 13:38:03 GMT
server: DMS/1.0.42
etag: "643805bb-2f204"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 42e9aa1ce26ab3c76f30e916df26dbd6
expires: Mon, 15 May 2023 23:38:05 GMT

GET
H2 204 x81iuq0.m3u8 Show response
dmxleo.dailymotion.com/cdn/manifest/video/ Frame 9A03 0
275 B 153ms
20ms Script
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://dmxleo.dailymotion.com/cdn/manifest/video/x81iuq0.m3u8?auth=1683977417-2562-wqryywrk-b8485b6081ae6705f8d6a304bb72d466KnEitRl761JjB3M1dJ8C3IbsbSSBveGY0ht8gBRYYXTLIJwH7KocbBkQaEvLSrCyPdA9z66TZoz7g19wsIK0Dk15q3DCHEaTnvWepeP_prZrgjl-YCW4rJYx-bjv03GcvDYCnCBIFrpB69x0K2Gs6F1V2gCDT6dQKNb50R5n71pkXEh8OkDK7cuIXgBDeSKkq3tdHZJrR3curU83x-cwWsZ2tQhU9VtOa6xctcdj6rcoQuV7giCZPluA_b78LF4EbEm3xUEMA4abVOvGGztOrlbwoUJh3tmRXpeaObo_1h8tXAOC4UcRyP0k8GYXi7MFiaj79FNqQTF64jbymo7Egazkou_Wpe3zF26ZRtN5Btu7Jdtqx--Q1pphm_ibEW6QqdG7bbzvONhihv1TXvg8mOPk-L65LPx5ZALt2r7SmDEwgNjDtjfG88b4b2gBdu1To5NSb-33w9Z3MsRwHi0hV44DjIIAE3_oJzl_mqJXEYENJGikzDinzQdd--cUo88DfwHrPGQDroAqQVPm9Kp7O4cVRH_bnHjV5D4_2wCmOICzoIUsBL3ah2CCitpPPQvz09GoRL6OnGtMKRx8PYKGghC6DDlaArJaj_b-LwObLaRRn0zpi5KWUriGeinV3pIvLSq8fWkmm2iCiVEKHdtrF57IL3GgN29V9lofkE4Q0Qud28g7877p4q3kBrwjsAahqXvallltbLBPgCFjSRjRO3-1z0FHJz4MPuNHBpd47fw61PhY5nVlUoHbO6OF0fMT6cHpwMuSyxO10YUKI-JPnVBWzfwXlqpYKeMI1f1FOhNhrtGyTXPJkvLzJ2h4XjZ0lmYRzrvlrCrqcL6B4yjOWHUuZQ_GcrqnBmYv34O8yhAfZlkRPwtxXKXxmJmRiV_2yAb7B6NzWa8H0Al4ibfrgtajWqDB3dXDTEOur-k3-P8WQQjMX2tk3zmMTtBEa_Tj7BuLwK4I022MvbV69gEn0yOv2Z0LN3qKkWVvZ4oSWgJAouz5tv-JxxNYiLYy8W2I9slJKH_We0bj4_XMKHCLeJLdWqfjTuNm68PXUSTzYjfQtzedHVCUnuvdlnJ4A_U02niNzuzUblYHAZcUSEsc8TOmZtWSFi705Qtu8UI65tPj1qGgGsE6cUk871OemidREgKxMyq-0xrWzVRF5wDMat9UXc8KUFeLTxj5r3GAQe3WxbNpL5-5dS68tcKunhJ1VW1eE0-BTuJWlVTnfU5GktSG6ITxfLXSxeAO9iBRekyBmQEe4ztb8BrkIgL3Dt6LkPk6n2w_cbcN0EnYPaoxJ67vuhx9mvRjLDWJWLrBz5nxvRSge7pXiUuV_3PCHv15LkvRM9TK9R3w8M0FT5RuicKkRRtX5fhZqwsd7LKi-LweP_HwIgHUG0ENOY-53b8lK&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.983d7cf72c576cd73b9c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-287vm
date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: https://geo.dailymotion.com/
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type

GET
H2 200 segment.7.js Show response
waaw.ac/js/ Frame 383F 7 KB
3 KB 15ms
15ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/js/segment.7.js?157
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2b9882b1d4950f6e9ec65efbef9636a76a43b423302695035cf88b8c44474acd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:17 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Fri, 10 Dec 2021 17:25:16 GMT
server: Google Frontend
etag: W/"61b38d7c-1c01"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6728 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3JUtIA
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ABCFavoritMedium.49884d379d5f27f75991f15de4d231cb.woff2
static1.dmcdn.net/playerv5/fonts/ Frame 9A03 52 KB
52 KB 13ms
12ms Font
application/octet-stream 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/fonts/ABCFavoritMedium.49884d379d5f27f75991f15de4d231cb.woff2
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b

Request headers

Referer: https://geo.dailymotion.com/
Origin: https://geo.dailymotion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:17 GMT
last-modified: Thu, 27 Apr 2023 13:00:57 GMT
server: DMS/1.0.42
age: 1204006
etag: "644a7209-ce44"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
server-timing: total;dur=0, dc;desc="dc3"
accept-ranges: bytes
timing-allow-origin: *
content-length: 52804
x-llid: 4758991f90b7ab65da8e25f34471a09f
expires: Sat, 27 May 2023 13:03:31 GMT

GET
H/1.1 200
OK x81iuq0.m3u8 Show response
www.dailymotion.com/cdn/manifest/video/ Frame 9A03 3 KB
2 KB 41ms
39ms XHR
application/vnd.apple.mpegurl 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/cdn/manifest/video/x81iuq0.m3u8?sec=wCeP82oEO1VeMk5o5WZGMNHcWRuwHHC0NRAjwB5j7y6oUce091avlJSovSGqq_Vn&dmTs=740572&dmV1st=65005734-b7b9-4444-b65f-ead7bd6c8989

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.8ac8809237b9a52466f8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

DMS/1.0.42 /

Resource Hash

8db8495417a812138b9b8fcb12f0412ac8d838b8f3fa7d58def2ba960322ec40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Date: Thu, 11 May 2023 11:30:18 GMT
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing: total;dur=22, dc;desc="dc3"
Content-Length: 938
Referrer-Policy: no-referrer-when-downgrade
Server: DMS/1.0.42
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary: X-DM-SSL,Accept-Encoding
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: https://geo.dailymotion.com
Cache-Control: private, max-age=600
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Thu, 11 May 2023 11:40:18 +0000

GET
H2 200 netu.php Show response
testingmetriksbre.ru/ Frame 383F 1 KB
875 B 75ms
74ms Script
application/javascript 2606:4700:3037::ac43:aa2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://testingmetriksbre.ru/netu.php
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: fd45bb46808611318ab74c39100ef0aa9aa78e5ad508e6219d0ec8d4d52f2a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJqJeQZTNowbZkTMqfeJ81Y%2BBjbePMbdLHDYwkc9H8ETJyC5IcxT2T1SDOe4bpkjmgHAC3umfQ7KVPoDFRCOChWcNTT3%2B0fMAXfadItWYZOhO5Lx83o8wjOqLtU3FVYPmSRFmt3vuGqLVzx%2BBvAMN8yvZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7c5a16ce9d931c8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 486288648_mp4_h264_aac.m3u8 Show response
proxy-023.dc3.dailymotion.com/sec(F2xm4AE_MJz4XuMt-sLSYSph7R6l5XFruRG3j9tm_mRmSoFA2BaGJ0juj8aUhB4hradpo209wOK_5TR3Wb1PifAZCHMvO4cwnqMJf98pqzo)/video/846/882/ Frame 9A03 6 KB
742 B 70ms
17ms XHR
application/vnd.apple.mpegurl 188.65.126.232
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-023.dc3.dailymotion.com/sec(F2xm4AE_MJz4XuMt-sLSYSph7R6l5XFruRG3j9tm_mRmSoFA2BaGJ0juj8aUhB4hradpo209wOK_5TR3Wb1PifAZCHMvO4cwnqMJf98pqzo)/video/846/882/486288648_mp4_h264_aac.m3u8
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.8ac8809237b9a52466f8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.232 Vaux-sur-Seine, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-023.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: 41139164b653626527354456e5a27a14f42337831ff7a4c2306b7f1e2fe75c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 11:30:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Jul 2021 10:07:02 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 363
Expires: Fri, 12 May 2023 11:30:18 GMT

GET
H3 200 f.php Show response
testingmetriksbre.ru/ Frame 4171 4 KB
2 KB 61ms
61ms Document
text/html 2606:4700:3037::ac43:aa2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://testingmetriksbre.ru/f.php?sid=212040
Requested by: Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/netu.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 2378106c129ead4e68b0d0b258b90909bee51d999dcdaa5166640ecd158e913f

Request headers

Referer: https://waaw.ac/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7c5a16cf1ee59b5e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 11 May 2023 11:30:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LroJBSaXMd2AUEA09VVF3qeIc08zJ0gpb8gW2CSxLHnNdxqKCZexYvM5chBfbBX0IJaE0KV6xM92cT35%2FnpKGZMQ1DbH0gdtI%2FYviwoXIvLAlDKlNld%2BBPC%2FkYGRyPW%2FhU0SBpBlnecrrmqo24z4G8%2FRDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
x-robots-tag: noindex

GET
H/1.1 200
OK 486288648_mp4_h264_aac.ts Show response
proxy-023.dc3.dailymotion.com/sec(F2xm4AE_MJz4XuMt-sLSYSph7R6l5XFruRG3j9tm_mRmSoFA2BaGJ0juj8aUhB4hradpo209wOK_5TR3Wb1PifAZCHMvO4cwnqMJf98pqzo)/atrk(0)/frag(1)/video/846/882/ Frame 9A03 198 KB
199 KB 16ms
16ms XHR
video/mp2t 188.65.126.232
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-023.dc3.dailymotion.com/sec(F2xm4AE_MJz4XuMt-sLSYSph7R6l5XFruRG3j9tm_mRmSoFA2BaGJ0juj8aUhB4hradpo209wOK_5TR3Wb1PifAZCHMvO4cwnqMJf98pqzo)/atrk(0)/frag(1)/video/846/882/486288648_mp4_h264_aac.ts
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.8ac8809237b9a52466f8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.232 Vaux-sur-Seine, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-023.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: 550519a47b20b551b6e2ad19d8ce4ca20a81a9fa001e35ebb21e2c8c72f706be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 11:30:18 GMT
Last-Modified: Sun, 25 Jul 2021 10:07:02 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 203228
Expires: Fri, 12 May 2023 11:30:18 GMT

GET
BLOB 200
OK 495a497b-1291-46d3-8a72-a356885b70a5
https://geo.dailymotion.com/ Frame 9A03 65 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://geo.dailymotion.com/495a497b-1291-46d3-8a72-a356885b70a5
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a5e40c41a359f601b100331ed08088e4bfec229c2b9cc70c67ae27fb642dd3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 66540
Content-Type: text/javascript

GET
H3 200 banner.gif
testingmetriksbre.ru/ads/ Frame 4171 42 B
499 B 65ms
65ms Image
image/gif 2606:4700:3037::ac43:aa2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://testingmetriksbre.ru/ads/banner.gif
Requested by: Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/f.php?sid=212040
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://testingmetriksbre.ru/f.php?sid=212040
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Jul 2022 17:05:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c46f48-2a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QG%2Fahs1qN5F9vujxWksz94Mb1cHVCPymoZNXJK600rfHSLHeY9iWI0fKZxzJ0oPs830BFSC1GQUV58h5RmPbKt4uhbUdwx2hOvxcX7NFSv4J5jOhmEZSSBKNOMsmdoJA%2FpAqP8949AcPSTQYd3trxoDhoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 7c5a16cf7f7f9b5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H2 200 f.php Show response
videocdnmetrika.com/ Frame 4171 4 KB
2 KB 104ms
77ms Document
text/html 2606:4700:3035::ac43:df84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videocdnmetrika.com/f.php?sid=212040&rand=962215149
Requested by: Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/f.php?sid=212040
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:df84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: c9f2b26f3322f00b5db51d3223c0f26b827f83c14743c15a7fc56fdc5875ca91

Request headers

Referer: https://testingmetriksbre.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7c5a16cfba552bd9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 11 May 2023 11:30:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkQ5l76YgPcVwOeiw4RpvNCx1KtfHkMUiv1V%2F1FPSt1VfKLpFCTKoCPWJ44%2BkxDvGisXBAP%2B6klqhDCSjZYUkMIxXwie2dUDP2ylij32a2he7NWbjXoz3I0sFOwerU8rnVH1SqksEm4XMWig%2F%2FVO%2FV%2Bd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
x-robots-tag: noindex

GET
H2 200 banner.gif
videocdnmetrika.com/ads/ Frame 4171 42 B
415 B 12ms
11ms Image
image/gif 2606:4700:3035::ac43:df84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videocdnmetrika.com/ads/banner.gif
Requested by: Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?sid=212040&rand=962215149
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:df84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videocdnmetrika.com/f.php?sid=212040&rand=962215149
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2022 17:05:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3086
etag: "62c46f48-2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FHk%2Fo%2BittKKXV61iCe%2F7tCUUkQrhAcC9ikiMqVtZ9DWV%2FstcoMuG39dVd1DwrFz3o593%2FU28XVJo3QJ1i7w3MbP3TZlD6YiJqAOtMV7NdzWeEHVfyye8byu6c9eYpwMhBFh2UqyEDTv0vKJ7IzCJVwF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c5a16d04ae02bd9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame 4171 213 KB
88 KB 690ms
227ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?sid=212040&rand=962215149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8bbed2b8ca4e0a8532496fbeaac3ba7f97c964f5ccf704224da0263e79f9a185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videocdnmetrika.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 May 2023 11:30:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 37653
x-jsd-version: 1.274.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 89128
x-served-by: cache-fra-eddf8230100-FRA, cache-gig2250054-GIG
x-jsd-version-type: version
etag: W/"3545d-fnsNgR4saniyknGB9bqq0zV8j7M"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 21ms
21ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 60CA 42 B
64 B 112ms
112ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuo_FzHOrrNwEzNmdS7ns9i6XdL3dGlQnTR_I81lZAows0E-3o5tT0Qmu2NMLv_b6RLADLs21LQek-IWeoDDZIfY4GymKI4jq5vkU4aG6pa6e19d2BR&sig=Cg0ArKJSzENMb-gy3jmaEAE&id=lidar2&mcvt=1035&p=393,1085,643,1385&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=778162663&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683804613931&rpt=3347&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC68 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyTS9FH68hfE6mmj9KZXi-Ds77XVydNysUX4FmLQjDyQjSzFr-VAIv8y8FEcANN_hjxLAkBUkRBzmO--JYwG7c6O_anq-hGvTlES11fn8g1hwyuyeA8FIHu--PrT_D7IX8KxG4_A&sai=AMfl-YT1Czeuv-0mX3lOo6SQBCWHZpsslEqX03e9A7sbeI3HlsaobOOSHaOsFQFputdlOoF9huXENflb3KHrFp9nMgzyditSeF6nbbAh0T4q8j-ySLqO2Aq6uKYhBWnw&sig=Cg0ArKJSzAGylXUz9mdcEAE&cid=CAQSPABygQiDhq7jd2cYUoQV9T08s7AOF3FD_DYRYiptN2fJQARmdODMemMyaPc0WDQUYY18HhyUI7cBkF-3uhgB&id=lidar2&mcvt=1037&p=0,0,250,300&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1453749305&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683804615351&rpt=1923&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 06D3 156 B
142 B 207ms
206ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_100&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=981345975650934&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2800172156&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3835&dt=1683804618371&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=4086804726482767&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame FE98 95 KB
18 KB 541ms
541ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_050&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=415635908853450&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=1471510095&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3848&dt=1683804618373&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=2215664261155154&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cef6e40126dc951e0fd354dcb653db3932882dca7bb849113133e1d08afaea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18118
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E936 156 B
142 B 176ms
176ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_150&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1582947687530301&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2056672941&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3878&dt=1683804618374&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=4229233540786916&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 16DC 95 KB
18 KB 437ms
436ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_150&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3167927168311846&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4141724494&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3900&dt=1683804618384&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=545600310684212&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f5130b116df9dddc97e269119adcc9cf18ab2192399da5dfac03bb599cd0c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18013
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DB49 156 B
142 B 170ms
170ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_550&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=913580521379611&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2611017745&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3916&dt=1683804618385&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=2238282273691985&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1648 156 B
142 B 206ms
206ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_250&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2160492111483505&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4190038522&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3955&dt=1683804618388&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=4384137267816555&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1F9B 156 B
142 B 463ms
462ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_450&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3119232532694248&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2833661598&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3936&dt=1683804618390&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=4169046585021758&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1B88 156 B
142 B 398ms
398ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_170&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3640022841451339&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3945014588&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3968&dt=1683804618392&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=1149569604758738&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3010 156 B
142 B 335ms
335ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22703897216%2C22893780809%2FSMG_Adipolo%2Fpreroll%2Fsyndication_2&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3313044967337841&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2401421350&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3980&dt=1683804618394&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=2937149619870324&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2C97 156 B
142 B 502ms
502ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F136431902%2C22893780809%2Fapl%2Faniplay%2Faniplay_150&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4141444471709078&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4068321354&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=3994&dt=1683804618396&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=2380502223711722&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E488 156 B
142 B 221ms
221ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21725819945%2C22651347523%2Fjkapvid%2Funiversaljkvid&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&cust_params=aplkv%3D250&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3194615945604249&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=87870059&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=4007&dt=1683804618398&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=3072686116299091&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1E49 156 B
142 B 403ms
403ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F127641337%2C22652786701%2C22893780809%2FAdipoloshFloor3&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1858216869065292&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=961248209&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=4021&dt=1683804618400&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=3795293052952098&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6ABC 156 B
142 B 173ms
173ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22893780809%2Fapl%2Faniplay%2Faniplay_350&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=729607824482504&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2364559228&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=4041&dt=1683804618402&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=519909818861962&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B447 156 B
142 B 306ms
305ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22893780809%2Fapl%2Faniplay%2Faniplay_450&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3699275736491624&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=502217293&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=4056&dt=1683804618405&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=4317019499606355&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E576 156 B
142 B 264ms
263ms XHR
text/xml 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22703897216%2C22893780809%2FSMG_Adipolo%2Fpreroll%2Fsyndication_150&description_url=cnvyl.katerionews.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3872688308599930&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3652503878&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=B67A24A8-C7B1-4242-9D49-8C12E702485D&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fwaaw.ac%2F&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&dlt=1683804612163&idt=4072&dt=1683804618409&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&scor=1852510635143676&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 60CA 0
0 51ms
51ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230509&jk=2436963586929940&bg=!19Sl1IDNAAYldGN0BXQ7ADkAdvg8WuzmwX3MAj1kGvfEfgHygw6Q28tx3YsajMmcNvw2HIIVAMihUuqCERztgxGPApPW6bWfOAoCAAABClIAAAAEaAEHmQLTEHn1927cZAPOdSBYu2KHAqp3vaa3fm4wv8YVDa-wOYAxmecOx2-bmfTCUhscSXuO_UPaXtLQ_KjjgsqpdwGH1qIJuC9Ig-jqez_8pKC3gCzGhKvsUJK-QxGqBAf7ifsJAsYpdGrpe9wx6o_XAW7WBXRLwaQ_jcsjzNKm0haTH1jyN0WQ3Q0Rh8aHHD2VN7dJr-8bQ31jrmE_NSEPU-n133sqr496mKlBoLXRzmeyNaZMV1MYHen4I_euuBT-Ekt0EX1tvAUkRlvnY7V1XCIDFkeHvVZBUw3LnMzxrQSCPZf0CdORiL1h6L1arKBo2ciOCHOf9AeIfCf28x6i7ao7MlXpFAiJ2KOiv9z-YVR6cwWK33Svam7kV7PSrUVx2d6T1SMVoEUJ0GeRYgIiFORXo92jFzNWgv1B5PcLtesValMsNb1pgXOL4suCiqkk3hgpPKnIAkbE1LImBge2Zpm78dkz0wHve9j4G9mSfGt25LtFVOExzHsSFmHi1CgEIlPaCKTCVoVTrTt1cq4XknY_XHhchWupGQJeOEmMXYDyCV45xsIIC7Hw9V9rKJtN99Rk9o73CbZXTV741UvwyNn5Q9GDtNZ43HVGtypPnPpGha2khOY83JgBPDOf9bMQyR9Lzon2XM10eL4WI7-AzvOJj9DjKXFlA4hliw1tAMB0QfObHJULikiJtHCJRQZFiQ2V1wSdfMgdj051DvuVs3RnvgxeH0Eg8c-jqMP8Dm_HUGnKOTLuQgltmfkg4NMLB7VCLjxBXTMqKjlXtcNEG1JUBcU9JRUyCCnc_XjZR1kJZ8F54_F78a0xD7oZLd_mnvZChukZVrPrbVYVk2NSNQWIKTDYu8wEZHkPmCZlWPZEnQoJ1zEwLw_mTb9m0UY5mGwMMH4VW7OD6bK4mLqCSYggPIkb9tBnO0MBcAr2iox1-xMwtFkAA4dIz18QUi1W5q828CJh
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame E936 0
17 B 273ms
272ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slr5&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 06D3 0
17 B 270ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slpn&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 161ms
161ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1325&uuid=391c19c2-dbd4-4288-bbf0-1fb1e6d924d1
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://cnvyl.katerionews.com
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 147ms
146ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1325&uuid=391c19c2-dbd4-4288-bbf0-1fb1e6d924d1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cnvyl.katerionews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cnvyl.katerionews.com
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Thu, 11 May 2023 11:30:18 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

POST
H3 204 csi
csi.gstatic.com/ Frame 16DC 0
17 B 270ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lhj1slr3&c=4990421423842&slotId=2495210711921&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=QvfuMoYA-Uk&hghme=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 147ms
147ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=HU&d12=Chrome&d14=338X600&d19=10&d2=1683804300&d20=112.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=cnvyl.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1325&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=1&adSourceKey=YWRzMT01OGZhNTNkNy0wMWFiLTQ3ZjItYTg1My03YWNhZjg5MjNhNDkmYWRzMj0xJmFkczM9MS41JmFkczQ9MCZhZHM2PTAmYWRzNz0xJmFkczg9ODlhYzk5NmEtNTA4ZC00YTkzLTgyZDYtNDcwZWVhYmQzNzc2JmFkczk9MA==&adsourceId=58fa53d7-01ab-47f2-a853-7acaf8923a49&cb=1683804618844-97ede1d8-47b0-47b5-b0d6-87119b6d12d6&e=4
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:18 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 204 csi
csi.gstatic.com/ Frame FE98 0
17 B 270ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhj1slqa&c=4990421423842&slotId=2495210711921&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=QvfuMoYA-Uk&hghme=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 148ms
147ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=HU&d12=Chrome&d14=338X600&d19=10&d2=1683804300&d20=112.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=cnvyl.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1325&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=1&adSourceKey=YWRzMT00ZDM3MDVmMC1hMDUwLTRmZmEtYTdjYy00YTA3N2ZlNWE1MTkmYWRzMj0xJmFkczM9MC41JmFkczQ9MCZhZHM2PTAmYWRzNz0xJmFkczg9ODlhYzk5NmEtNTA4ZC00YTkzLTgyZDYtNDcwZWVhYmQzNzc2JmFkczk9MA==&adsourceId=4d3705f0-a050-4ffa-a7cc-4a077fe5a519&cb=1683804618934-9ef2fdf2-d5c9-4187-aa29-af4be4f0cfd3&e=4
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:19 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 204 csi
csi.gstatic.com/ Frame FE98 0
17 B 270ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lhj1sn1s&c=4990421423842&slotId=2495210711921&qqid=CNbhnIGV7f4CFYvWdwodhdYMtw&gqid=ytFcZIfgF56TjuwPlYumqAw&fb=ima_html5-lima&sdkv=h.3.572.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.lhj1sn1u~ghmsh_s.lhj1sn1u&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=720x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=2a3fqhYzXjQLOpHt
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE98 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=1003782099767000&domain

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame FE98 453 B
478 B 14ms
13ms Image
image/png 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-2930805104418204

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:21:48 GMT
x-content-type-options: nosniff
age: 510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 12:11:48 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame FE98 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CyqHSytFcZNbUGout3wOFrbO4C_qvrcFwkZ-B2Y8RsJAfEAEg3aCKfGCVAqABk_i82gLIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgSjBE_QJHpHd1Mjw_rnotQhxyiODyWplfRTxMfEB-i53O3xud-OVtg5qd5d3OEhkCrc1Bebws4N8LSV42GyQsg3lxhD9NE__3mfooMNlBvUl6R1NxLhVPR_eCK2-n4AZvxOHZn0hhe26lkGkEnZ8bhEQpzGeBTG0EmWqvNQ95okJ6rhHqXk9jFmRcJ5AXKHZW17lVBqfpfb9qw0Lk2J_PXy52gk9bur7dC8qIlnhyWgK3piN6-uIgYlbnw1hmCQPDef9EsNzs2CYRf3bnfOEgbYDVvVALCAE8ncyW6S3K6TK1nIdsId28UsJUw-O846zsNBQKO1i4mbQdwRUCSaBA2cZ4hEfDmjeT6I1k-bEYtFIuzmSfD7QlCoytLtSMfDwnnp9uIiplKOWIkkY8ziPiTlKictGv-GoQwvJ0JpiRReG6YHQRKsT11DFiLkCAf7Q8aymGCbbWxgwSuDoSf0jN2s0JpFutzVzI0pxAA9iP3j7d26kAFAHnLXNRWiXU-QzBy1AAewUS0oAtVS7gyoV3eqOyQYVyfAdoGefdlFCQbh8R-pb4UENtzUv2urdRYIcfnfv1hge0_0QfaBaDmvUB6SXadZtlx2mLpAY1cOoymVYGyc2Oj3jxi1k0KndziDsTdZVMG6-tE6CyPqftrTcMPzha1ghD106QTN7yh9flAP_LT3Ls9LL9FkITE8HRcDEP-foi56T7F5eMZjDr6wQUIfeSpB6B3ABNu7q6aeBOAEAaAGVIAH1YfDpQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOrEJl9iKqxE2dRGACgOYCwHICwHQCw64DAGaDQEO2BML0BUBmBYB4hYCCAH4FgGAFwE&sigh=eas2zZ-Q13E&label=show_ad&sdkv=h.3.572.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4ODMyODc1MDk5MzIMNjQ3Njc2OTM1OTkyQKYEUiMQDyUAAHBBKAE6C1F2ZnVNb1lBLVVrQglnb29nbGVhZHNQABgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame FE98 0
0 52ms
52ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CO68yytFcZNbUGout3wOFrbO4C_qvrcFwkZ-B2Y8RsJAfEAEg3aCKfGCVAqABk_i82gLIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgSgBE_QJHpHd1Mjw_rnotQhxyiODyWplfRTxMfEB-i53O3xud-OVtg5qd5d3OEhkCrc1Bebws4N8LSV42GyQsg3lxhD9NE__3mfooMNlBvUl6R1NxLhVPR_eCK2-n4AZvxOHZn0hhe26lkGkEnZ8bhEQpzGeBTG0EmWqvNQ95okJ6rhHqXk9jFmRcJ5AXKHZW17lVBqfpfb9qw0Lk2J_PXy52gk9bur7dC8qIlnhyWgK3piN6-uIgYlbnw1hmCQPDef9EsNzs2CYRf3bnfOEgbYDVvVALCAE8ncyW6S3K6TK1nIdsId28UsJUw-O846zsNBQKO1i4mbQdwRUCSaBA2cZ4hEfDmjeT6I1k-bEYtFIuzmSfD7QlCoytLtSMfDwnnp9uIiplKOWIkkY8ziPiTlKictGv-GoQwvJ0JpiRReG6YHQRKsT11DFiLkCAf7Q8aymGCbbWxgwSuDoSf0jN2s0JpFutzVzI0pxAA9iP3j7d26kAFAHnLXNRWiXU-QzBy1AAewUS0oAtVS7gyoV3eqOyQYVyfAdoGefdlFCQbh8R-pb4UENtzUv2urdRYIcfnfv1hge0_0QfaBaDmvUB6SXadZtlx2mLpAY1cOoymVYGyc2Oj3jxi1k0KndziDsTdZVMG6-tE6CyPqftrTcMPzha1ghD106QSV7rKI7cJZbhcCur6Ou_axiWXZnRkiGlKVjDaNjQEtnUzAJZKo4JKTCO_ABNu7q6aeBOAEAaAGVIAH1YfDpQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBCr_SCoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBwhMGGJP4vNoC2BML0BUBmBYB4hYCCAGAFwGyFx4KHAgAEhRwdWItNjg2OTIyOTgwNjIzMjY3Nhimk3Y&sigh=MzPQZhJZFZc&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABygQiDTPIptQbl0QfrssgmrxW_n1Q8JZdgg7P2GNboOmqwlMyCXxVy7DO3RjVpYy-auPsNFpTAELKWfhgB&vt=10&sdkv=h.3.572.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4ODMyODc1MDk5MzIMNjQ3Njc2OTM1OTkyQKYEUiMQDyUAAHBBKAE6C1F2ZnVNb1lBLVVrQglnb29nbGVhZHNQABgB
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 270ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lhj1sj6b&c=4990421423842&slotId=2495210711921&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-5hne6nsk.googlevideo.com/ Frame F444 1 MB
1 MB 88ms
16ms Media
video/mp4 2a00:1450:400e:5::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1683833418&ei=ytFcZLmlMcay1gK61J7ADg&ip=2a00:c98:2050:a007:2::14&id=42f7ee328600f949&itag=22&source=youtube&requiressl=yes&mh=mS&mm=31&mn=sn-5hne6nsk&ms=au&mv=m&mvi=1&pl=44&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1675961074427261&mt=1683804315&txp=6318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAIYNEu5mGqrXTAxloA7-5_gkuZaEQhKzkgk81NdV0jTCAiBaL_lcwQUC_H5tVDr8ojoXQKRBzWYmZAuEXFYW5EO4dQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgLUpijyDvFHt5iU-zVW92LcXWQjS4PfiM2jdlHjbl2QoCIA8Tc8JSxShC7aIIs93aqpyeKvWI1P5D-NrhX253g_qx&cpn=2a3fqhYzXjQLOpHt

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:5::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

adf282c7f5d85f570718e97b32e0ac2cae5b5860ed4baea1aaf5ea82931bcb7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 11 May 2023 11:30:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Feb 2023 16:44:34 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1379111/1379112
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1379112
Expires: Thu, 11 May 2023 11:30:19 GMT

GET
H2 200 zxwk7krOl5 Show response
marazma.com/sub/ Frame 0314 233 B
607 B 82ms
43ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marazma.com/sub/zxwk7krOl5
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02c5f57a077940444e91a2e72b8cdeefb95ae3e30822371c8161be3f04d2bda4

Request headers

Referer: https://waaw.ac/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c5a16d52d6218e4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 May 2023 11:30:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oqKLFzrH98e9%2FNroskn9jZLLu5KdgcCv31ZH0hCZnlBnsQtZ%2BQ8A8zB9gFgIcx9hEVHgjOU8jEL%2Bk%2BUAkeGR%2Bw21RRjRskBjOkBuyjNVMWc4dqixYTxoiwchunx8Kxulb0KXzN6YtArXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1

200
OK

redirect Show response
xml.poprtb.com/ Frame 0314
Redirect Chain

https://marazma.com/load
https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420

0
165 B

432ms
118ms

Document
text/plain

174.137.133.17
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://marazma.com
Referer: https://marazma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 11 May 2023 11:30:19 GMT
Pragma: no-cache
Server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c5a16d57dd918e4-FRA
content-type: text/html; charset=utf-8
date: Thu, 11 May 2023 11:30:19 GMT
location: https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClAZn2hAjDYSzmGmLi%2FsYRDNewp22XY0%2F9JgYAubTboqeNSV%2FI2mCb7wJnVjbay7cKUH2funjSDHptEKqbVihhjyViI2oP7FrZgVODdX38Viwb9cjnO2eD8ge%2FzjezKxifIOQx4onZseFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame FE98 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CyqHSytFcZNbUGout3wOFrbO4C_qvrcFwkZ-B2Y8RsJAfEAEg3aCKfGCVAqABk_i82gLIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgSjBE_QJHpHd1Mjw_rnotQhxyiODyWplfRTxMfEB-i53O3xud-OVtg5qd5d3OEhkCrc1Bebws4N8LSV42GyQsg3lxhD9NE__3mfooMNlBvUl6R1NxLhVPR_eCK2-n4AZvxOHZn0hhe26lkGkEnZ8bhEQpzGeBTG0EmWqvNQ95okJ6rhHqXk9jFmRcJ5AXKHZW17lVBqfpfb9qw0Lk2J_PXy52gk9bur7dC8qIlnhyWgK3piN6-uIgYlbnw1hmCQPDef9EsNzs2CYRf3bnfOEgbYDVvVALCAE8ncyW6S3K6TK1nIdsId28UsJUw-O846zsNBQKO1i4mbQdwRUCSaBA2cZ4hEfDmjeT6I1k-bEYtFIuzmSfD7QlCoytLtSMfDwnnp9uIiplKOWIkkY8ziPiTlKictGv-GoQwvJ0JpiRReG6YHQRKsT11DFiLkCAf7Q8aymGCbbWxgwSuDoSf0jN2s0JpFutzVzI0pxAA9iP3j7d26kAFAHnLXNRWiXU-QzBy1AAewUS0oAtVS7gyoV3eqOyQYVyfAdoGefdlFCQbh8R-pb4UENtzUv2urdRYIcfnfv1hge0_0QfaBaDmvUB6SXadZtlx2mLpAY1cOoymVYGyc2Oj3jxi1k0KndziDsTdZVMG6-tE6CyPqftrTcMPzha1ghD106QTN7yh9flAP_LT3Ls9LL9FkITE8HRcDEP-foi56T7F5eMZjDr6wQUIfeSpB6B3ABNu7q6aeBOAEAaAGVIAH1YfDpQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOrEJl9iKqxE2dRGACgOYCwHICwHQCw64DAGaDQEO2BML0BUBmBYB4hYCCAH4FgGAFwE&sigh=eas2zZ-Q13E&label=video_ad_loaded&sdkv=h.3.572.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4ODMyODc1MDk5MzIMNjQ3Njc2OTM1OTkyQKYEUiMQDyUAAKBBKAE6C1F2ZnVNb1lBLVVrQglnb29nbGVhZHNQABgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame FE98 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 18:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 18:07:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE98 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.572.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=1003782099767000&domain

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame FE98 0
0 57ms
57ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CO68yytFcZNbUGout3wOFrbO4C_qvrcFwkZ-B2Y8RsJAfEAEg3aCKfGCVAqABk_i82gLIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgSgBE_QJHpHd1Mjw_rnotQhxyiODyWplfRTxMfEB-i53O3xud-OVtg5qd5d3OEhkCrc1Bebws4N8LSV42GyQsg3lxhD9NE__3mfooMNlBvUl6R1NxLhVPR_eCK2-n4AZvxOHZn0hhe26lkGkEnZ8bhEQpzGeBTG0EmWqvNQ95okJ6rhHqXk9jFmRcJ5AXKHZW17lVBqfpfb9qw0Lk2J_PXy52gk9bur7dC8qIlnhyWgK3piN6-uIgYlbnw1hmCQPDef9EsNzs2CYRf3bnfOEgbYDVvVALCAE8ncyW6S3K6TK1nIdsId28UsJUw-O846zsNBQKO1i4mbQdwRUCSaBA2cZ4hEfDmjeT6I1k-bEYtFIuzmSfD7QlCoytLtSMfDwnnp9uIiplKOWIkkY8ziPiTlKictGv-GoQwvJ0JpiRReG6YHQRKsT11DFiLkCAf7Q8aymGCbbWxgwSuDoSf0jN2s0JpFutzVzI0pxAA9iP3j7d26kAFAHnLXNRWiXU-QzBy1AAewUS0oAtVS7gyoV3eqOyQYVyfAdoGefdlFCQbh8R-pb4UENtzUv2urdRYIcfnfv1hge0_0QfaBaDmvUB6SXadZtlx2mLpAY1cOoymVYGyc2Oj3jxi1k0KndziDsTdZVMG6-tE6CyPqftrTcMPzha1ghD106QSV7rKI7cJZbhcCur6Ou_axiWXZnRkiGlKVjDaNjQEtnUzAJZKo4JKTCO_ABNu7q6aeBOAEAaAGVIAH1YfDpQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBCr_SCoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBwhMGGJP4vNoC2BML0BUBmBYB4hYCCAGAFwGyFx4KHAgAEhRwdWItNjg2OTIyOTgwNjIzMjY3Nhimk3Y&sigh=MzPQZhJZFZc&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABygQiDTPIptQbl0QfrssgmrxW_n1Q8JZdgg7P2GNboOmqwlMyCXxVy7DO3RjVpYy-auPsNFpTAELKWfhgB&sdkv=h.3.572.0
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame FE98 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQVzpytFcZNbUGout3wOFrbO4C_qvrcFwkZ-B2Y8RsJAfEAEg3aCKfGCVAqABk_i82gLIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgSgBE_QJHpHd1Mjw_rnotQhxyiODyWplfRTxMfEB-i53O3xud-OVtg5qd5d3OEhkCrc1Bebws4N8LSV42GyQsg3lxhD9NE__3mfooMNlBvUl6R1NxLhVPR_eCK2-n4AZvxOHZn0hhe26lkGkEnZ8bhEQpzGeBTG0EmWqvNQ95okJ6rhHqXk9jFmRcJ5AXKHZW17lVBqfpfb9qw0Lk2J_PXy52gk9bur7dC8qIlnhyWgK3piN6-uIgYlbnw1hmCQPDef9EsNzs2CYRf3bnfOEgbYDVvVALCAE8ncyW6S3K6TK1nIdsId28UsJUw-O846zsNBQKO1i4mbQdwRUCSaBA2cZ4hEfDmjeT6I1k-bEYtFIuzmSfD7QlCoytLtSMfDwnnp9uIiplKOWIkkY8ziPiTlKictGv-GoQwvJ0JpiRReG6YHQRKsT11DFiLkCAf7Q8aymGCbbWxgwSuDoSf0jN2s0JpFutzVzI0pxAA9iP3j7d26kAFAHnLXNRWiXU-QzBy1AAewUS0oAtVS7gyoV3eqOyQYVyfAdoGefdlFCQbh8R-pb4UENtzUv2urdRYIcfnfv1hge0_0QfaBaDmvUB6SXadZtlx2mLpAY1cOoymVYGyc2Oj3jxi1k0KndziDsTdZVMG6-tE6CyPqftrTcMPzha1ghD106QSV7rKI7cJZbhcCur6Ou_axiWXZnRkiGlKVjDaNjQEtnUzAJZKo4JKTCO_ABNu7q6aeBOAEAaAGVIAH1YfDpQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTC9AVAZgWAeIWAggB-BYBgBcB&sigh=Yo9lsrRgB2M&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D3884%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D417832637%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D5222%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1683804618950&sdkv=h.3.572.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4ODMyODc1MDk5MzIMNjQ3Njc2OTM1OTkyQKYEUiYQDyUAAKBBKAE6C1F2ZnVNb1lBLVVrQglnb29nbGVhZHNItAFQABgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FE98 42 B
64 B 120ms
119ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOLWfodwuT8O6rlix5tq2opalNJDGYtrSP5NaaW3ZRe1lEhlg8oFjQH48c0ElkaI0AM35uyXYfzTz4qxGd3cpZoy-me6yMGM-ZusqreHAixUneBhNIrODWaGcVZ6ib0aAUqgUL2A&sai=AMfl-YQbS1d5BEVMSBTHL6RGPqSt-MrKbVoKZ279jPUufYcT2AZE7hKeAFgxB4WpjEAECj2xMmLw_ODFEDLr5yJt15JhbPI0wozV3v6hb3fBzQsxzvl6R8HQMSQUPCCn&sig=Cg0ArKJSzLAjWwTLk5XsEAE&cid=CAQSPABygQiDTPIptQbl0QfrssgmrxW_n1Q8JZdgg7P2GNboOmqwlMyCXxVy7DO3RjVpYy-auPsNFpTAELKWfhgB&id=lidarv&acvw=sv%3D951%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D3884%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D417832637%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D5223%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1683804618950&avm=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame FE98 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQVzpytFcZNbUGout3wOFrbO4C_qvrcFwkZ-B2Y8RsJAfEAEg3aCKfGCVAqABk_i82gLIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgSgBE_QJHpHd1Mjw_rnotQhxyiODyWplfRTxMfEB-i53O3xud-OVtg5qd5d3OEhkCrc1Bebws4N8LSV42GyQsg3lxhD9NE__3mfooMNlBvUl6R1NxLhVPR_eCK2-n4AZvxOHZn0hhe26lkGkEnZ8bhEQpzGeBTG0EmWqvNQ95okJ6rhHqXk9jFmRcJ5AXKHZW17lVBqfpfb9qw0Lk2J_PXy52gk9bur7dC8qIlnhyWgK3piN6-uIgYlbnw1hmCQPDef9EsNzs2CYRf3bnfOEgbYDVvVALCAE8ncyW6S3K6TK1nIdsId28UsJUw-O846zsNBQKO1i4mbQdwRUCSaBA2cZ4hEfDmjeT6I1k-bEYtFIuzmSfD7QlCoytLtSMfDwnnp9uIiplKOWIkkY8ziPiTlKictGv-GoQwvJ0JpiRReG6YHQRKsT11DFiLkCAf7Q8aymGCbbWxgwSuDoSf0jN2s0JpFutzVzI0pxAA9iP3j7d26kAFAHnLXNRWiXU-QzBy1AAewUS0oAtVS7gyoV3eqOyQYVyfAdoGefdlFCQbh8R-pb4UENtzUv2urdRYIcfnfv1hge0_0QfaBaDmvUB6SXadZtlx2mLpAY1cOoymVYGyc2Oj3jxi1k0KndziDsTdZVMG6-tE6CyPqftrTcMPzha1ghD106QSV7rKI7cJZbhcCur6Ou_axiWXZnRkiGlKVjDaNjQEtnUzAJZKo4JKTCO_ABNu7q6aeBOAEAaAGVIAH1YfDpQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTC9AVAZgWAeIWAggB-BYBgBcB&sigh=Yo9lsrRgB2M&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D3884%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D417832637%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D5223%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1683804618950&sdkv=h.3.572.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4ODMyODc1MDk5MzIMNjQ3Njc2OTM1OTkyQKYEUiYQDyUAAKBBKAE6C1F2ZnVNb1lBLVVrQglnb29nbGVhZHNItAFQABgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame FE98 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQVzpytFcZNbUGout3wOFrbO4C_qvrcFwkZ-B2Y8RsJAfEAEg3aCKfGCVAqABk_i82gLIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgSgBE_QJHpHd1Mjw_rnotQhxyiODyWplfRTxMfEB-i53O3xud-OVtg5qd5d3OEhkCrc1Bebws4N8LSV42GyQsg3lxhD9NE__3mfooMNlBvUl6R1NxLhVPR_eCK2-n4AZvxOHZn0hhe26lkGkEnZ8bhEQpzGeBTG0EmWqvNQ95okJ6rhHqXk9jFmRcJ5AXKHZW17lVBqfpfb9qw0Lk2J_PXy52gk9bur7dC8qIlnhyWgK3piN6-uIgYlbnw1hmCQPDef9EsNzs2CYRf3bnfOEgbYDVvVALCAE8ncyW6S3K6TK1nIdsId28UsJUw-O846zsNBQKO1i4mbQdwRUCSaBA2cZ4hEfDmjeT6I1k-bEYtFIuzmSfD7QlCoytLtSMfDwnnp9uIiplKOWIkkY8ziPiTlKictGv-GoQwvJ0JpiRReG6YHQRKsT11DFiLkCAf7Q8aymGCbbWxgwSuDoSf0jN2s0JpFutzVzI0pxAA9iP3j7d26kAFAHnLXNRWiXU-QzBy1AAewUS0oAtVS7gyoV3eqOyQYVyfAdoGefdlFCQbh8R-pb4UENtzUv2urdRYIcfnfv1hge0_0QfaBaDmvUB6SXadZtlx2mLpAY1cOoymVYGyc2Oj3jxi1k0KndziDsTdZVMG6-tE6CyPqftrTcMPzha1ghD106QSV7rKI7cJZbhcCur6Ou_axiWXZnRkiGlKVjDaNjQEtnUzAJZKo4JKTCO_ABNu7q6aeBOAEAaAGVIAH1YfDpQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTC9AVAZgWAeIWAggB-BYBgBcB&sigh=Yo9lsrRgB2M&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&label=admute&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D9%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D9%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D3884%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D417832637%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D5226%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1683804618950&sdkv=h.3.572.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4ODMyODc1MDk5MzIMNjQ3Njc2OTM1OTkyQKYEUiYQDyUAAKBBKAE6C1F2ZnVNb1lBLVVrQglnb29nbGVhZHNItAFQABgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 149ms
148ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=HU&d12=Chrome&d14=338X600&d19=10&d2=1683804300&d20=112.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=cnvyl.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1325&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=1&adSourceKey=YWRzMT00ZDM3MDVmMC1hMDUwLTRmZmEtYTdjYy00YTA3N2ZlNWE1MTkmYWRzMj0xJmFkczM9MC41JmFkczQ9MCZhZHM2PTAmYWRzNz0xJmFkczg9ODlhYzk5NmEtNTA4ZC00YTkzLTgyZDYtNDcwZWVhYmQzNzc2JmFkczk9MA==&d30=20&adsourceId=4d3705f0-a050-4ffa-a7cc-4a077fe5a519&cb=1683804619143-f9439b55-b107-47d8-9046-63676ad73b01&e=5
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:19 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 147ms
146ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=HU&d12=Chrome&d14=338X600&d19=10&d2=1683804300&d20=112.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=cnvyl.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1325&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&d26=600x338&d27=1&adSourceKey=YWRzMT00ZDM3MDVmMC1hMDUwLTRmZmEtYTdjYy00YTA3N2ZlNWE1MTkmYWRzMj0xJmFkczM9MC41JmFkczQ9MCZhZHM2PTAmYWRzNz0xJmFkczg9ODlhYzk5NmEtNTA4ZC00YTkzLTgyZDYtNDcwZWVhYmQzNzc2JmFkczk9MA==&adsourceId=4d3705f0-a050-4ffa-a7cc-4a077fe5a519&cb=1683804619143-1800f0eb-1efa-4d66-8f36-56b5f262b925&e=6
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:19 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 148ms
148ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=HU&d12=Chrome&d14=338X600&d19=10&d2=1683804300&d20=112.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=cnvyl.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1325&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&adSourceKey=YWRzMT00ZDM3MDVmMC1hMDUwLTRmZmEtYTdjYy00YTA3N2ZlNWE1MTkmYWRzMj0xJmFkczM9MC41JmFkczQ9MCZhZHM2PTAmYWRzNz0xJmFkczg9ODlhYzk5NmEtNTA4ZC00YTkzLTgyZDYtNDcwZWVhYmQzNzc2JmFkczk9MA==&adsourceId=4d3705f0-a050-4ffa-a7cc-4a077fe5a519&cb=1683804619148-7c7124af-8b27-46c0-83cd-03661411c3a6&e=11
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:19 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 192A 23 KB
9 KB 14ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 218346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 22:51:13 GMT
expires: Tue, 07 May 2024 22:51:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 192A 37 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 23:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 23:41:35 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame 4171 43 B
187 B 182ms
47ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?sid=212040&rand=962215149

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videocdnmetrika.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:19 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05 May 2023 15:14:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6454f31f-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 11 May 2023 12:30:19 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/90175160/ Frame 4171
Redirect Chain

https://mc.yandex.ru/watch/90175160?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D962215149&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm...
https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D962215149&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=c...

435 B
518 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D962215149&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1363909227936%3Ahid%3A281849956%3Az%3A0%3Ai%3A20230511113019%3Aet%3A1683804619%3Ac%3A1%3Arn%3A135239553%3Arqn%3A1%3Au%3A1683804619991603999%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A9%2C17%2C78%2C0%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C120%3Aco%3A0%3Acpf%3A1%3Ans%3A1683804618165%3Arqnl%3A1%3Ast%3A1683804619%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?sid=212040&rand=962215149

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a6c16d5905eb972346e6987d421d0a01eedd8cba5c9bb4aca5f82dd2ef76f58f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videocdnmetrika.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 11-May-2023 11:30:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://videocdnmetrika.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Thu, 11-May-2023 11:30:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-May-2023 11:30:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D962215149&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1363909227936%3Ahid%3A281849956%3Az%3A0%3Ai%3A20230511113019%3Aet%3A1683804619%3Ac%3A1%3Arn%3A135239553%3Arqn%3A1%3Au%3A1683804619991603999%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A9%2C17%2C78%2C0%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C120%3Aco%3A0%3Acpf%3A1%3Ans%3A1683804618165%3Arqnl%3A1%3Ast%3A1683804619%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://videocdnmetrika.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 11-May-2023 11:30:19 GMT

GET
H2 204 playback
www.youtube.com/api/stats/ Frame FE98 0
0 109ms
23ms Image
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?ns=yt&fexp=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&el=adunit&cpn=2a3fqhYzXjQLOpHt&docid=QvfuMoYA-Uk&visitordata=Cgt1cFZVWmNTZW5HSQ%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.207&fmt=18&rt=0.000&adformat=2_2_1&euri&len=15.047&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=113.0.5672.92&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Requested by: Host: cnvyl.katerionews.com
URL: https://cnvyl.katerionews.com/hot-news/?data=def50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 192A 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.572.0&bgai=BLZAcytFcZNbUGout3wOFrbO4CwAAAAA4AboFEwiH7ZmBle3-AhWeiYMHHZWFCcU&bg=!kpGlkcXNAAYldGN0BXQ7ADkAdvg8WhimVLOlNxJmqvxC_6QmTfCMYAqAVChBdEAZasdoWgBb_NbqLFb9kUs6aiVmK8Xc61fmdYMCAAAAjVIAAAACaAEHCgDtyAkmpEJ2X9xLEriLRR-JDEsdR2WbLqrNSygHJNhuX4-Myby9lqMlMreeeaBofOBQAUfZzmB9ivDxmtje_urbGq5fo36_2b2cuJW_XzWkDYbWKg3WG7jXNzRLs0CGKCKhzgJBKYRwfSdalwuh_VEhZazCRhI4oNrQk6TupK27u7vm_JptiKqinn7l55oTw8_wjeuzop7dnDC1znVyfEIOStteYWikU-miMHvVHE-TVUgS0qislJi6reBr5iYOtjDbOg7JkgvctyvBt6sSLW9F6D_6i43CvN2rBthCw4Z6Ik9mguj7nKvRamF1nx2pmQJfVaKDRU5fzHzb51eHEBaCxhMZXTK2ZPxmvie7B8K85Sj_PMBfg5Jj_BoJCydS9UaLu-DgK1jEdWYzmVV0xYA1A2LG9LrwABF9R9CWl7Y-FvXtDsKjY1cTUf3yTnczqdsS3FfnkEnyg4nfkWEzb8hrrGuuizBJG8NbJd-CCnqk2d8efzgJROJysdcAfk12NvZfI56C7O6QeBcL-9UZnzS9G722ip3PW8TsNWqjLJiQQVtJzcYZm1n9hsrImv0-jkpVRDQ0imIwxLp_-XYvEOAGHWfIJ3fdijKTy3ehhPfz8rPI56gf_-m6HRRzhn3PKXmeFknfL_UZUlHk33FNup0qNm8aNT_lIzgwuA8z4V4d5aRVYQu6H4A76I6R6vybZIxY7XpTkS2LZXn9CSX7_V7jmeGjLG2VnBd1A4sUWPXWPYlxH16Gg86TFvRPcODEiRd9RQipiNz3IohR6jNLqSiXA_F7tNvH5MHzeze9e4uKbbi2-RrlTuFiCCC2OIgvE4woomlSuVqGsio3x8bI1joGDqyDDbxZxi6E7LH9_lyon4Akt0YO4-sxczMc1cQsXXgxkgYX4Fzdgb54ai706YcMTW2Bmzegh4RaE66hPcvv_vpulqzmccoLHXL_SWdwrb-pOBEIf0FAAB2pP1Cnw9LexaH5hkALNr8WCt87Plcwvg7scTbYcJ0LQ9qVi8Cc8VR71TbTCAD5rwHDOMXA_5EEET1t-P_45mUgA_cTYnX1FI0m31d_srLyLbYkYabhWckovKClcwdnasYxPsmiyh8ACGGy5Lst8MbjkcnHRt3Ypg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 195ms
195ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1325&uuid=2255a283-27b5-4809-845b-9abff8f934f4
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/test/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 May 2023 11:30:19 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://cnvyl.katerionews.com
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 147ms
147ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1325&uuid=2255a283-27b5-4809-845b-9abff8f934f4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cnvyl.katerionews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cnvyl.katerionews.com
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Thu, 11 May 2023 11:30:19 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FE98 42 B
64 B 124ms
123ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOLWfodwuT8O6rlix5tq2opalNJDGYtrSP5NaaW3ZRe1lEhlg8oFjQH48c0ElkaI0AM35uyXYfzTz4qxGd3cpZoy-me6yMGM-ZusqreHAixUneBhNIrODWaGcVZ6ib0aAUqgUL2A&sai=AMfl-YQbS1d5BEVMSBTHL6RGPqSt-MrKbVoKZ279jPUufYcT2AZE7hKeAFgxB4WpjEAECj2xMmLw_ODFEDLr5yJt15JhbPI0wozV3v6hb3fBzQsxzvl6R8HQMSQUPCCn&sig=Cg0ArKJSzLAjWwTLk5XsEAE&cid=CAQSPABygQiDTPIptQbl0QfrssgmrxW_n1Q8JZdgg7P2GNboOmqwlMyCXxVy7DO3RjVpYy-auPsNFpTAELKWfhgB&id=lidarv&acvw=sv%3D951%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D20,500,358,1100%26tos%3D2039,0,0,0,0%26mtos%3D2039,2039,2039,2039,2039%26amtos%3D0,0,0,0,0%26mcvt%3D2039%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2271%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D639%26pst%3D433%26dur%3D15046%26vmtime%3D2067%26dtos%3D2039%26dtoss%3D1%26dvs%3D2039%26dfvs%3D2039%26dvpt%3D2262%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D3884%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D417832637%26psm%3D-2147483641%26psv%3D7%26psfv%3D7%26psa%3D0%26ptlt%3D7489%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2039,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1683804618950

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 60ms
60ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3eb6fc6570eb72553d95f3296a8f04fa2b8d7e0a6027430e733a29ce9ab864a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11173
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EB12 15 KB
6 KB 15ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=cnvyl.katerionews.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cnvyl.katerionews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 11:30:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 359304
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame EB12
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=katerionews.com&sn=ChromeSyncframe&so=0&topUrl=cnvyl.katerionews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=gDGaw3xKREh3d3FHSlFXNThSSkpRNkdHZGh4cVBFVVp6V0hVNTBpTUl2VVMyYzVGZjIyN2dVT3ZwRjQ1RkwvaW9QbWtxNjZ5cHllS1E4K3BSU0xQVTArNFZPS2FWSlZaMCsxblJ4UlVvQWQvS01QN2hxeExobDBXdkJhTH...

431 B
653 B

197ms
18ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gDGaw3xKREh3d3FHSlFXNThSSkpRNkdHZGh4cVBFVVp6V0hVNTBpTUl2VVMyYzVGZjIyN2dVT3ZwRjQ1RkwvaW9QbWtxNjZ5cHllS1E4K3BSU0xQVTArNFZPS2FWSlZaMCsxblJ4UlVvQWQvS01QN2hxeExobDBXdkJhTHNhbzAwM3FPbDQ2R3BwaVlxbVcxWjhDdWZYbGpPeDFyV1RTZk9Db1orRW9XaTBJN2dOem92Und2R0NDaG5CWWJ1TmdRbTVmTGs3ZEtMMDh5bzJTbFJiQ2xPQ0dHWjhFcDk2SS84V2hlbUYraG5RTUYreExhMzU0RFNjeGJueGxPUGJsS2NaZVRENUpOVExkVzZiNGpmSXhtdFBMNVh1T2tXTmE1TFY2ZCsrd1QrVy9hNEx4bz18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b81124b4c03628467c46e0c6bedd9c23ebd285df7d481f65c0c90a3de3f5a3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:21 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1736862
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=gDGaw3xKREh3d3FHSlFXNThSSkpRNkdHZGh4cVBFVVp6V0hVNTBpTUl2VVMyYzVGZjIyN2dVT3ZwRjQ1RkwvaW9QbWtxNjZ5cHllS1E4K3BSU0xQVTArNFZPS2FWSlZaMCsxblJ4UlVvQWQvS01QN2hxeExobDBXdkJhTHNhbzAwM3FPbDQ2R3BwaVlxbVcxWjhDdWZYbGpPeDFyV1RTZk9Db1orRW9XaTBJN2dOem92Und2R0NDaG5CWWJ1TmdRbTVmTGs3ZEtMMDh5bzJTbFJiQ2xPQ0dHWjhFcDk2SS84V2hlbUYraG5RTUYreExhMzU0RFNjeGJueGxPUGJsS2NaZVRENUpOVExkVzZiNGpmSXhtdFBMNVh1T2tXTmE1TFY2ZCsrd1QrVy9hNEx4bz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 361037
content-length: 0
expires: 0

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame 9A03 15 B
363 B 37ms
37ms XHR
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4581297c3e0fb53a3eb4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept: application/json, text/plain, */*
Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Thu, 11 May 2023 11:30:22 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 53ms
52ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&pr=https%3A%2F%2Fwaaw.ac%2F&pid=HCNaUmmuFcHEY&cb=1&ws=1600x1200&v=23.505.1627&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1683804622999-0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21939239661%2C22893780809%2Fapl%2Faplmcm%2Fdynamic%2Fadx22893379435%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!adipolo.com%2C22893780809%2C1%2C%2C%2C&pubid=00ed17ab-4189-4639-9d5e-15acd40affde&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: QTBDH5RM2ZRTPKKR13K1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cnvyl.katerionews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 988BCqSE1p6bhY5TAMphqbdT2xb2Jva_2OeBJy5o5MfooLUkjYcE1w==

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cnvyl.katerionews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 238ms
238ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=556442471277437&correlator=2646937912359299&hxva=1&scor=2565836025110748&eid=31072019%2C31072878%2C31074371%2C31074489%2C31068366&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=21939239661%3A22893780809%2Capl%2Caplmcm%2Cdynamic%2Cadx22893379435&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=160x600&ifi=2&adks=344632558&didk=1597312050&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26amznbid%3D1%26amznp%3D1%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Db679b9b9d5fda808-22e199fec8dd0036%3AT%3D1683804613%3ART%3D1683804615%3AS%3DALNI_MaFP-Mowe6HlF_6scNdoNCdZGdGGA&gpic=UID%3D00000bf97ea5ad88%3AT%3D1683804613%3ART%3D1683804613%3AS%3DALNI_MZWK5e_uYbhC-dT_U-D2_xkjB9wTA&abxe=1&dt=1683804623013&lmt=1683804623&dlt=1683804612163&idt=577&adxs=-160&adys=311&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcnvyl.katerionews.com%2Fhot-news%2F%3Fdata%3Ddef50200a8d3f6817e8d8ffd1894ab60f8af712e60673425ab6a0a68ff040c6077a06baead14a9596bf4248be8d46572a3c00055ab9f2af10f2729fd5d299128f3254b64e75f20db64ed6070f449fb1f73917a5278498d3f0f1e25ed54b55ec4ca589182bd64fd9b839c98e91fd53fc6ef1ba4a45cbbd23c9c056ceb569fa7105efd1d0f88506434c91f8421f4c651f158afa5cfbea493e8f9a5eb5fff37d821fb863f6969a748db4fef270752b4ce7ee4b8cbe4343e46f66a9a8d72a732c7fae65ce5d98d3f0d9a72e3b6f83a3f2aa69ad8a040771b5ad198e12b6fa857e99b45a8a46ae388aa09ee9bed25ddde2b375cfb0c94a0d99edf37edf041f621eaf3e300d62131503ac9f15faa593ab66bf0e5a591449ff9bc88507d4dee149477b5f623475d769586c99c9db88a3fb3711977cc9c530f7460cf6ee6e0c3acacc4c35ce20bbe0b3ffd4059b57941e874a697a5996792625aa0dce68b2126e599d57a2b99a904df22cebcdde4f0134e5ed156e33f0bd6c016a3f91627bdec2ea2596534775290deef980243dc6ca6631acc50533c0b7cd5127b3d8159236d6809b06eba2a380b2f711a08cab7a894b857be977fa3c1d1478dd0aeee55c656ce16de83503573340cd5994d94ba25fcf4b88efaf06e8b&ref=https%3A%2F%2Fwaaw.ac%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&psts=ABHeCviZBXKXSDljBZLVHh2jZe6Ci_crJIqIHPT5krqMU89jcJwvzgL4C4vhuhzhXhDW_KVZGlpXfrjDv7HEYpi9aty3g8i6tNfB5CCL5MYBIg&ga_vid=447977211.1683804613&ga_sid=1683804613&ga_hid=142297053&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a55c58fd6b6c6b2b3315a18dbd9cc05929193a6e196a0fd2483fbfc391f9063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10784
x-xss-protection: 0
google-lineitem-id: 5504336788
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326289731
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cnvyl.katerionews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video.counters.2.js Show response
waaw.ac/js/ Frame 383F 696 B
814 B 15ms
15ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://waaw.ac/js/video.counters.2.js?117
Requested by: Host: waaw.ac
URL: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: Google Frontend /
Resource Hash: 34310731b79445f958ec982df1cb3793cea4f125f0a192a110d08203f4015c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/player/embed_player.php?vpn=1&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 May 2023 11:30:22 GMT
content-encoding: gzip
x-cache-status-inferno-s: HIT
last-modified: Sun, 06 Feb 2022 19:35:56 GMT
server: Google Frontend
etag: W/"6200231c-2b8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
x-inferno-location: static
accessing-static: 1

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 383F 213 KB
73 KB 91ms
90ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: waaw.ac
URL: https://waaw.ac/js/video.counters.2.js?117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fab231fbfc156c6195e0fa7e07d5effaa4d6cf51f8d91d3b4a77d116c693b927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 05 May 2023 15:14:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6454f31f-122f1"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74481
expires: Thu, 11 May 2023 12:30:23 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/ Frame 383F
Redirect Chain

https://counter.yadro.ru/hit?rhttps%3A//waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fhttp_referer%3Dhttps%253A%252F%252Fwaaw.ac%252Ff%252F1eZisRF9BgAt%26embed_from%3Dembed_from;s1600*1200*24;uhttps...
https://counter.yadro.ru/hit?q;rhttps%3A//waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fhttp_referer%3Dhttps%253A%252F%252Fwaaw.ac%252Ff%252F1eZisRF9BgAt%26embed_from%3Dembed_from;s1600*1200*24;uhtt...

43 B
528 B

43ms
41ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;rhttps%3A//waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fhttp_referer%3Dhttps%253A%252F%252Fwaaw.ac%252Ff%252F1eZisRF9BgAt%26embed_from%3Dembed_from;s1600*1200*24;uhttps%3A//waaw.ac/player/embed_player.php%3Fvpn%3D1%26vid%3D1;0.437557525604215

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:23 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 10 May 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 May 2023 11:30:23 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;rhttps%3A//waaw.ac/e/VDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fhttp_referer%3Dhttps%253A%252F%252Fwaaw.ac%252Ff%252F1eZisRF9BgAt%26embed_from%3Dembed_from;s1600*1200*24;uhttps%3A//waaw.ac/player/embed_player.php%3Fvpn%3D1%26vid%3D1;0.437557525604215
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 10 May 2022 21:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame FE98 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQVzpytFcZNbUGout3wOFrbO4C_qvrcFwkZ-B2Y8RsJAfEAEg3aCKfGCVAqABk_i82gLIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgSgBE_QJHpHd1Mjw_rnotQhxyiODyWplfRTxMfEB-i53O3xud-OVtg5qd5d3OEhkCrc1Bebws4N8LSV42GyQsg3lxhD9NE__3mfooMNlBvUl6R1NxLhVPR_eCK2-n4AZvxOHZn0hhe26lkGkEnZ8bhEQpzGeBTG0EmWqvNQ95okJ6rhHqXk9jFmRcJ5AXKHZW17lVBqfpfb9qw0Lk2J_PXy52gk9bur7dC8qIlnhyWgK3piN6-uIgYlbnw1hmCQPDef9EsNzs2CYRf3bnfOEgbYDVvVALCAE8ncyW6S3K6TK1nIdsId28UsJUw-O846zsNBQKO1i4mbQdwRUCSaBA2cZ4hEfDmjeT6I1k-bEYtFIuzmSfD7QlCoytLtSMfDwnnp9uIiplKOWIkkY8ziPiTlKictGv-GoQwvJ0JpiRReG6YHQRKsT11DFiLkCAf7Q8aymGCbbWxgwSuDoSf0jN2s0JpFutzVzI0pxAA9iP3j7d26kAFAHnLXNRWiXU-QzBy1AAewUS0oAtVS7gyoV3eqOyQYVyfAdoGefdlFCQbh8R-pb4UENtzUv2urdRYIcfnfv1hge0_0QfaBaDmvUB6SXadZtlx2mLpAY1cOoymVYGyc2Oj3jxi1k0KndziDsTdZVMG6-tE6CyPqftrTcMPzha1ghD106QSV7rKI7cJZbhcCur6Ou_axiWXZnRkiGlKVjDaNjQEtnUzAJZKo4JKTCO_ABNu7q6aeBOAEAaAGVIAH1YfDpQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTC9AVAZgWAeIWAggB-BYBgBcB&sigh=Yo9lsrRgB2M&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&label=videoplaytime25&ad_mt=3924&acvw=sv%3D951%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D20,500,358,1100%26tos%3D3739,0,0,0,0%26mtos%3D3739,3739,3739,3739,3739%26amtos%3D0,0,0,0,0%26mcvt%3D3739%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3971%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1040%26pst%3D433%26dur%3D15046%26vmtime%3D3924%26dtos%3D1700%26dtoss%3D2%26dvs%3D1700%26dfvs%3D1700%26dvpt%3D1700%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3739,3739,3739,3739,3739%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26femt%3D3884%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D20,0,0,0,0%26avms%3Dexc%26qi%3D417832637%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D9189%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3739,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1683804618950&sdkv=h.3.572.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4ODMyODc1MDk5MzIMNjQ3Njc2OTM1OTkyQKYEUiYQDyUAAKBBKAE6C1F2ZnVNb1lBLVVrQglnb29nbGVhZHNItAFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 147ms
147ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=HU&d12=Chrome&d14=338X600&d19=10&d2=1683804300&d20=112.0.0&d23=tag_5f40f04e-17fa-49cf-ae12-28a8f5bc005c&d24=e1da33b2-5df6-46fc-a1b0-e9494976c808&d25=fee06c3e-0c86-4f3a-ae7d-b4a40c03835b&d3=413cb585-3a5f-47af-b38f-bfa872f9a666&d4=5cc8935c-b8e7-4e62-97fc-d3dc58e709bd&d5=cnvyl.katerionews.com&d8=1&d9=Windows&channelkey=dHMxPTVjYzg5MzVjLWI4ZTctNGU2Mi05N2ZjLWQzZGM1OGU3MDliZCZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1325&d33=20&d34=-1&d35=1&d36=1&d37=1&d38=1&d40=20&adSourceKey=YWRzMT00ZDM3MDVmMC1hMDUwLTRmZmEtYTdjYy00YTA3N2ZlNWE1MTkmYWRzMj0xJmFkczM9MC41JmFkczQ9MCZhZHM2PTAmYWRzNz0xJmFkczg9ODlhYzk5NmEtNTA4ZC00YTkzLTgyZDYtNDcwZWVhYmQzNzc2JmFkczk9MA==&adsourceId=4d3705f0-a050-4ffa-a7cc-4a077fe5a519&cb=1683804623104-f54a7529-523f-4306-8cd2-cc9e4900b7cc&e=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:23 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 383F 43 B
73 B 53ms
45ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:23 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05 May 2023 15:14:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6454f31f-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 11 May 2023 12:30:23 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/54046198/ Frame 383F
Redirect Chain

https://mc.yandex.com/watch/54046198?wmode=7&page-url=https%3A%2F%2Fwaaw.ac%2Fplayer%2Fembed_player.php%3Fvpn%3D1%26vid%3D1&page-ref=https%3A%2F%2Fwaaw.ac%2Fe%2FVDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fh...
https://mc.yandex.com/watch/54046198/1?wmode=7&page-url=https%3A%2F%2Fwaaw.ac%2Fplayer%2Fembed_player.php%3Fvpn%3D1%26vid%3D1&page-ref=https%3A%2F%2Fwaaw.ac%2Fe%2FVDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3...

447 B
483 B

52ms
52ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/54046198/1?wmode=7&page-url=https%3A%2F%2Fwaaw.ac%2Fplayer%2Fembed_player.php%3Fvpn%3D1%26vid%3D1&page-ref=https%3A%2F%2Fwaaw.ac%2Fe%2FVDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fhttp_referer%3Dhttps%253A%252F%252Fwaaw.ac%252Ff%252F1eZisRF9BgAt%26embed_from%3Dembed_from&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A3080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1301802836572%3Ahid%3A820546722%3Az%3A0%3Ai%3A20230511113023%3Aet%3A1683804623%3Ac%3A1%3Arn%3A613443198%3Arqn%3A1%3Au%3A1683804623663257879%3Aw%3A1170x760%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C652%2C25%2C1%2C0%2C%2C3723%2C1%2C5904%2C5904%2C0%2C4403%3Aco%3A0%3Acpf%3A1%3Ans%3A1683804613691%3Arqnl%3A1%3Ast%3A1683804623%3At%3AVideo%20player&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fbdeea52a05aed024d1f3af0d6014dc411b8e7858192dcc552d1e6200445fe6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waaw.ac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 11-May-2023 11:30:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://waaw.ac
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Thu, 11-May-2023 11:30:23 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-May-2023 11:30:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/54046198/1?wmode=7&page-url=https%3A%2F%2Fwaaw.ac%2Fplayer%2Fembed_player.php%3Fvpn%3D1%26vid%3D1&page-ref=https%3A%2F%2Fwaaw.ac%2Fe%2FVDFzNEluSU0wbzdEMmJhL0UrQ0svdz09%3Fhttp_referer%3Dhttps%253A%252F%252Fwaaw.ac%252Ff%252F1eZisRF9BgAt%26embed_from%3Dembed_from&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A3080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1301802836572%3Ahid%3A820546722%3Az%3A0%3Ai%3A20230511113023%3Aet%3A1683804623%3Ac%3A1%3Arn%3A613443198%3Arqn%3A1%3Au%3A1683804623663257879%3Aw%3A1170x760%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C652%2C25%2C1%2C0%2C%2C3723%2C1%2C5904%2C5904%2C0%2C4403%3Aco%3A0%3Acpf%3A1%3Ans%3A1683804613691%3Arqnl%3A1%3Ast%3A1683804623%3At%3AVideo%20player&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://waaw.ac
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 11-May-2023 11:30:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4387 0
0 52ms
51ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutoWEReXj0QOWp4399Ixv5MGlaak4pbLjs62TJJTcQ8U482I_0_fU1g4aZR1c4tPFUyKArIP-z_gNpA8MFr3Wn34c65PRi6eJetM8Fu-AzispeOD-OUSg1v5-pjdJzxMfPeiIrojE_UpQ0oJjvWkotCxmmsD6TGRGcpv1FGJ11qXszAd8RCx2OGIkgbT2kiymY24EWjjOd4h0mG6bzFuhxvibwtNYN7n-YSHP7cjvh74LFL3lrv6gS5LPDaDvmwzf0kQgaAR2TXcs2bMsXv2un-03OXPYBP8UCfGV-Qai8wr4Rc5ILXPbzPXRY0b7-DDJcMPuuaxH-AdUTdSrh_g9n5pNZ3OTeB5p7nGPncxk&sai=AMfl-YR8IPMzJoysx3-b7A5RM_HcOBlnAiYoo8F1L0wXY-ZUHsgOpAw2vDDSNHP7whQLmKv4YZrzzwd2rMHfig_Pbz0gTxe-dRM9TSzGwgJ-m8yqk8mn6yhjZTHGKpik3RA&sig=Cg0ArKJSzAavp9L_Fdl9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: waaw.ac
URL: https://waaw.ac/f/1eZisRF9BgAt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK prebid.js Show response
acdn.adnxs.com/prebid/not-for-prod/ Frame 4387 2 MB
652 KB 46ms
8ms Script
application/javascript 151.101.65.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5cf86ea3904f96ce75441057cc58106eedc9f049d34e2a7ed5023a87d916ec6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires: Wed, 19 Apr 2023 10:50:23 GMT
Date: Thu, 11 May 2023 11:30:23 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 2352
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 666704
X-Served-By: cache-lga21951-LGA, cache-fra-eddf8230044-FRA
Last-Modified: Thu, 10 Feb 2022 18:43:39 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1683804623.309770,VS0,VE1
ETag: W/"62055cdb-23771c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 75339, 1

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4387 169 KB
52 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074489

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 11:30:23 GMT

GET
DATA 200
OK truncated
/ Frame 4387 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 496e7179eed1022014cc91800718cd89fe03c5d315b4048c99b23f22ff61af1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 271ms
270ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lhj1sn2q&c=4990421423842&slotId=2495210711921&met.4=hvd_lc.lhj1sn2q~hvd_ad.lhj1sn2q~hvd_mad.lhj1sn2q~hvd_admu.lhj1sn2q~hvd_src.lhj1sn2q&ps=600x338
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 11:30:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wrapper.html
wrappers.geoedge.be/ Frame 4387 3 KB
3 KB 82ms
7ms XHR
text/html 2600:9000:236e:200:2:d490:4d80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:200:2:d490:4d80:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://cnvyl.katerionews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 May 2023 03:54:10 GMT
x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 27374
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: 56zDeOCPMzwEcsS-9mf_P-kA1RoDvzbwZsiIdWAijYAAbCEOuWs80A==

GET freewheel-mapping.json
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ Frame 4387 0
0

GET
H/1.1 200
OK localstore.js
script.4dex.io/ Frame 4387 483 B
1022 B 39ms
12ms Script
application/javascript 2606:4700:20::ac43:4bf1

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cnvyl.katerionews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 11:30:23 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 575733
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuhDeEFWmrfXybjMaLEiYBYjQEaTgD9q%2BHWy3GaeB0%2BxzA1tyewDAEAzR8W%2FcT7Dj04NatPK8ONgmY4SPZP8ktyjYZu9IYaL%2BYl3JNx0yTMKc0wx23rBUPsuEppP%2Ff5yXUByI3KDVKbora69"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7c5a16f0bb603671-FRA

POST
H2 200 prebid-request
onetag-sys.com/ Frame 4387 15 B
368 B 15ms
15ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS