livehd7.vip Open in urlscan Pro
2606:4700:3030::6815:1641  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://livehd7.vip/ HTTP 301
   https://livehd7.vip/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7

Request Chain 6

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9

Request Chain 7

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9

Request Chain 8

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA

Request Chain 10

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86

Request Chain 13

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86

Request Chain 14

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86

Request Chain 18

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D9%82%D8%B7%D8%B1 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D9%82%D8%B7%D8%B1

Request Chain 19

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82

Request Chain 20

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7

Request Chain 23

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A3%D9%84%D9%85%D8%A7%D9%86%D9%8A%D8%A7 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D9%84%D9%85%D8%A7%D9%86%D9%8A%D8%A7

Request Chain 25

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A3%D9%8A%D8%B1%D9%84%D9%86%D8%AF%D8%A7 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D9%8A%D8%B1%D9%84%D9%86%D8%AF%D8%A7

Request Chain 26

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%AA%D8%BA%D8%A7%D9%84 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%AA%D8%BA%D8%A7%D9%84

Request Chain 27

• https://livehd7.vip/wp-content/uploads/2021/11/%D8%A7%D9%84%D9%8A%D9%88%D9%86%D8%A7%D9%86 HTTP 302
• https://livehd7.vip/

Request Chain 28

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A5%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%D8%A7 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A5%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%D8%A7

Request Chain 31

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1

Request Chain 32

• https://www.livehd7.onl/wp-content/uploads/2021/10/%D9%81%D9%86%D8%B2%D9%88%D9%8A%D9%84%D8%A7 HTTP 301
• https://livehd7.vip/wp-content/uploads/2021/10/%D9%81%D9%86%D8%B2%D9%88%D9%8A%D9%84%D8%A7

Request Chain 79

• https://pbjs.e-planning.net/pbjs/1/2e43c/1/livehd7.vip/ROS?rnd=0.31507611623927567&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Flivehd7.vip%2F&pbv=5.20.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Flivehd7.vip%2F&e_pubcid=83563767-d077-4dae-b285-962540d4c62d HTTP 302
• https://pbjs.e-planning.net/hb/1/2e43c/1/livehd7.vip/ROS?ct=1&r=pbjs&rnd=0.31507611623927567&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Flivehd7.vip%2F&pbv=5.20.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Flivehd7.vip%2F&e_pubcid=83563767-d077-4dae-b285-962540d4c62d

Request Chain 111

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPLs58jjKnfTmm9sWp7e33nEK95WnWMbY2Bw5BPkVWb5wAhW-jwOJ10WZSgKO0ybI-MVVyZefTq9vp-i_0_UjxmFuKQHjjA HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPLs58jjKnfTmm9sWp7e33nEK95WnWMbY2Bw5BPkVWb5wAhW-jwOJ10WZSgKO0ybI-MVVyZefTq9vp-i_0_UjxmFuKQHjjA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aW5oWGZpTzIxTUw2Y2o1&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPLs58jjKnfTmm9sWp7e33nEK95WnWMbY2Bw5BPkVWb5wAhW-jwOJ10WZSgKO0ybI-MVVyZefTq9vp-i_0_UjxmFuKQHjjA

Request Chain 112

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN9MXK1Y4MXLO9ljrSI1GS0&google_cver=1&google_push=AYg5qPJWR1FLlfi5BwK5R7Arqelh1qJuRJdKFI1JXk3cOKkWArH3McVrI4JjBG4MMlL7Gs1c9OCtl-Ta1z2dV-1NXHg588hrEw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJWR1FLlfi5BwK5R7Arqelh1qJuRJdKFI1JXk3cOKkWArH3McVrI4JjBG4MMlL7Gs1c9OCtl-Ta1z2dV-1NXHg588hrEw&google_hm=MTg2OTU0Nzk5Mjk3MDE4NjI%3D

Request Chain 113

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1

Request Chain 114

• https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDuSY7hx8Lj1KRsyHQgH7Ys&google_cver=1&google_push=AYg5qPLuBZi7VMvyrWXAFhlgHs8AjmjLTDm294Oe3r_U4G91-LtkF1HGxUgo3ekC4_ogUrwpPZUZoe_HWFVIzky8KIb_V5qiY1Q HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-ac0c83c9-4c8f-46e5-95fa-a62671373d12-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLuBZi7VMvyrWXAFhlgHs8AjmjLTDm294Oe3r_U4G91-LtkF1HGxUgo3ekC4_ogUrwpPZUZoe_HWFVIzky8KIb_V5qiY1Q%26google_hm%3DA6wMg8lMj0bllfqmJnE3PRI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLuBZi7VMvyrWXAFhlgHs8AjmjLTDm294Oe3r_U4G91-LtkF1HGxUgo3ekC4_ogUrwpPZUZoe_HWFVIzky8KIb_V5qiY1Q&google_hm=A6wMg8lMj0bllfqmJnE3PRI

Request Chain 115

• https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOl-Mm4Z9NqKG4hCkyAIbtw&google_cver=1&google_push=AYg5qPLCWwyDxZ0T_cFShlliLXJ-4vVHAgK0JKmOJij8nAWnJD9YMBSkvbiRJPO1cHqJnVoxXFR1o7xc2Q84RzaPAckPrX8_iDE HTTP 302
• https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLCWwyDxZ0T_cFShlliLXJ-4vVHAgK0JKmOJij8nAWnJD9YMBSkvbiRJPO1cHqJnVoxXFR1o7xc2Q84RzaPAckPrX8_iDE&google_gid=CAESEOl-Mm4Z9NqKG4hCkyAIbtw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ3NjAyNDg5OTc5NTMyNDczNQ%3D%3D&google_push=AYg5qPLCWwyDxZ0T_cFShlliLXJ-4vVHAgK0JKmOJij8nAWnJD9YMBSkvbiRJPO1cHqJnVoxXFR1o7xc2Q84RzaPAckPrX8_iDE

Request Chain 118

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

• https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
• https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c342ab72-b0f3-4231-8c4e-48b3510c58f1

Request Chain 131

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHZaFJ86__h35Pz_wrRrHTc&google_cver=1

Request Chain 132

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzfe7TxljIHqFA6n-QHzgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHZaFJ86__h35Pz_wrRrHTc&google_cver=1

Request Chain 133

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEGFTn7V6C8nznS7rc0t4V3c&google_cver=1

Request Chain 134

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQyMTIwOTQxMjcyNjkzMTA0NQ%3D%3D

Request Chain 143

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPIGQYcAQuknRZHnDb6hkTS-KG54g5NYrN0T9k9AZJynQKJHRHPzhkkr_-et7PxjrCjpqWCPaMnb8Aqq3AbwQswDjO-nudnS HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aW5oWGZpTzIxTUw2Y2o1&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPIGQYcAQuknRZHnDb6hkTS-KG54g5NYrN0T9k9AZJynQKJHRHPzhkkr_-et7PxjrCjpqWCPaMnb8Aqq3AbwQswDjO-nudnS

Request Chain 144

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOVTFIXdcr47PrKWTU2snLU&google_cver=1&google_push=AYg5qPJnUI4H9qDQjhw_x9TmCtajqs9Qi1FOMmcn_fM6uBnearwSUPcAnxulwLJ8OqWFXh-KLiDQ0iS1wzJV3M4LNCpMzd-eEKg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJnUI4H9qDQjhw_x9TmCtajqs9Qi1FOMmcn_fM6uBnearwSUPcAnxulwLJ8OqWFXh-KLiDQ0iS1wzJV3M4LNCpMzd-eEKg

Request Chain 145

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAlTPomIkG16yG_C__PVXFM&google_cver=1&google_push=AYg5qPI5WJ7-Jx0dQ588tXfKnrXAQ2Z-0RfNmdZEG-tTplnJAIHsxlSvxIHdI7oz8FL6tCbDojhFE7OrfW74iIrZwcEKQT0ZfXoUng HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyOTIzODgzNzgwNTExOTY0Mw%3D%3D&google_push=AYg5qPI5WJ7-Jx0dQ588tXfKnrXAQ2Z-0RfNmdZEG-tTplnJAIHsxlSvxIHdI7oz8FL6tCbDojhFE7OrfW74iIrZwcEKQT0ZfXoUng

Request Chain 177

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO4laFtxEDsAtXotUJ-ZCb4&google_cver=1 HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO4laFtxEDsAtXotUJ-ZCb4&google_cver=1

Request Chain 178

• https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGE5YTY2N2EtMWUwZS0yNWI2LWQ2YWQtY2Q2YzA0NjE0MGQw

Request Chain 179

• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
• https://sync.teads.tv/um?eid=3&uid=CAESELZJSxuVu6Y4Il5XFIbvm4c&google_cver=1

Request Chain 190

• https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJst5uwvPQ7waSmNrUH5h8SAg-dQPwM_GMrY_RfIY3CfWfCetaad1izapUjQH0BQ-3Ot4h7Z6n3polTUYQCRJmGj7j6V8A&google_gid=CAESEBWdAogZ-LO6deMADHYjWDU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVl6ZmZBQUFCWVVZdDIzSg&google_push=AYg5qPJst5uwvPQ7waSmNrUH5h8SAg-dQPwM_GMrY_RfIY3CfWfCetaad1izapUjQH0BQ-3Ot4h7Z6n3polTUYQCRJmGj7j6V8A

Request Chain 191

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJXSObuFtn4DhOoMSfcyeLI&google_cver=1&google_push=AYg5qPKojrOgkwePXUBM8M4lMr4PC6zaGmE1VYqzHvwiiBfa0DkghdPvjgbMWzZX4ShQaXJsp_9MGAMAACTXQtem4HeDZbR5OfU HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJXSObuFtn4DhOoMSfcyeLI&google_push=AYg5qPKojrOgkwePXUBM8M4lMr4PC6zaGmE1VYqzHvwiiBfa0DkghdPvjgbMWzZX4ShQaXJsp_9MGAMAACTXQtem4HeDZbR5OfU

Request Chain 192

• https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEChPr0nAsNZXJowiNp9f7tQ&google_cver=1&google_push=AYg5qPL6Ij6ckk32exMBZkAgCwSYgvf9G2cGR0PZ_heAsvjpDmfQWRO-wfR2fKYd1U37L0vzoM1aTm3xPXt_XS10zJBlIiAHknaE HTTP 302
• https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEChPr0nAsNZXJowiNp9f7tQ&google_cver=1&google_push=AYg5qPL6Ij6ckk32exMBZkAgCwSYgvf9G2cGR0PZ_heAsvjpDmfQWRO-wfR2fKYd1U37L0vzoM1aTm3xPXt_XS10zJBlIiAHknaE&checkcookies=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=jqVTxAxBi_pGnqkAX04ZWQ&google_push=AYg5qPL6Ij6ckk32exMBZkAgCwSYgvf9G2cGR0PZ_heAsvjpDmfQWRO-wfR2fKYd1U37L0vzoM1aTm3xPXt_XS10zJBlIiAHknaE

Request Chain 194

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1

Request Chain 196

• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJf4FIqYDx4SV2LE6VmXFrw&google_cver=1&google_push=AYg5qPI_l2UdumaiNnAz99bPPHVs6Fa7XdZcTLu5IFwQjkv1jNbyr3LSeuLrHt6pBTPdidazRQt1jkAdQOCmn1qQG0ZqUxlRaRUK HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SSGtDbVVORTJ1RWprLkkya0gwRWtSVVZ4bWpmYXFiZn5B&google_push=AYg5qPI_l2UdumaiNnAz99bPPHVs6Fa7XdZcTLu5IFwQjkv1jNbyr3LSeuLrHt6pBTPdidazRQt1jkAdQOCmn1qQG0ZqUxlRaRUK

Request Chain 217

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flivehd7.vip%2F&domain=livehd7.vip&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=jbFz23xQb0lZNmkyd05wd3d6bjZaODVmT0RkV1ZNVFR6bjdpb1B1MkEwa2RhZVM1enBrNFhIdmZnVzZ6bTg0ZmhmZEZ2aHNlOWU3Q3doUEhkZnNxUmozY3Y5cXgzUEhNcE1iVG5rMldwTjBtZ0gxQmcyaGZjWEF2c25ScTFPV2pYQVh0L1FlNjlJWENINjhHRnpCMUdmYTgwVDNOQkhaWitoMFp4dTQ2SGQ1Z0hEOFYxbi93RWVOcXl1OElxZVVLU1VPK1B1b2k3bWdqVHJPRHI5MlRyNjNnamlrT0lOdlhubk1WS2tjUnh5aFl5ZE1vPXw&cppv=2

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response livehd7.vip/ Redirect Chain http://livehd7.vip/ https://livehd7.vip/	196 KB 53 KB	104ms 63ms	Document text/html	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e24040fcc7ef571e798955be0ec4161b03301678ad6fc057aa7613e1a3cdc4a9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-type text/html last-modified Thu, 11 Nov 2021 08:56:36 GMT cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6awicALuniMNh8GJrrCJYqW8N1ZJMsZcGhziSP%2FnoksCp7s9eIQldUKFhUzkgxjDY2H%2F4L4UvtwWq4gbCpNV2HlQdmOgdYJCGIw2VzKHck2KRRbewgS560%2ByMXGMuwKiWq5sVikdF7ttWg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ac66c577d7f59e9-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers Date Thu, 11 Nov 2021 09:16:41 GMT Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=3600 Expires Thu, 11 Nov 2021 10:16:41 GMT Location https://livehd7.vip/ Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2B1rJnkd5wA%2FJPZpWi8xfnZWBKRx0X%2FRzbZLzz0ZZVg0JPAPft8bJB7rtSSxwswMbtUoHA5b3MiXtKsFPXiBx9SI7n7qBZkJEDxIRqM5M7ysUilK8KLW6CtwpynwMzIAGSW%2FReXl2Wj%2BHw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary Accept-Encoding Server cloudflare CF-RAY 6ac66c570c216964-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	style.css livehd7.vip/wp-content/themes/YallaShoot/	36 KB 9 KB	29ms 28ms	Stylesheet text/css	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://livehd7.vip/wp-content/themes/YallaShoot/style.css?1285358574 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9f636dd1d951ec338dd6af8f2288dd683857aeb2401401db0a3b8bec22ec4ae Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 10 Oct 2021 01:48:22 GMT server cloudflare age 1200 etag W/"61624666-8e9e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMsgXBFOSetG3drWYXy9Tk7Q6sn7A8kmbLn1z32p%2F51cdfsSaCy0rOteUd%2BlDCO4JInU4Rjf8wN3hgp3ck7v0VVDOGR4g7Tmp644DzqT4vJFMRn4Idgv9QbXyZTbmJ1qnZUttTH7ynoVUg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ac66c580f1059e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 51 KB	63ms 32ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1410072543553213 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9f280c27e22fdf76b7d341986cc0cf47e2d9af850274185870e0f7ca08e7fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://livehd7.vip/ Origin https://livehd7.vip Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51381 x-xss-protection 0 server cafe etag 10843404541933758469 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Thu, 11 Nov 2021 09:16:41 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	43ms 17ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-146139292-8 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 549dba533dd6e2773b19bffa2926bd217549866cb3d0fec14b774ce204b845ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36361 x-xss-protection 0 last-modified Thu, 11 Nov 2021 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 11 Nov 2021 09:16:41 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	78 KB 27 KB	47ms 21ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash db2e69b0bd69b2bb517c8c9be0aa18d8f13a624eeb1a71205ce2e838d69221b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1040 / 645 of 1000 / last-modified: 1636585612" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26839 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 11 Nov 2021 09:16:41 GMT
GET H/1.1	200 OK	dynamicforall.js Show response jscdn.greeter.me/	8 KB 8 KB	72ms 9ms	Script text/javascript	205.185.216.42 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://jscdn.greeter.me/dynamicforall.js Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 9256fdf9cc24ae9e1a819b94f3b8aa58b791457242306bc86fd13f312a9174ec Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 09:16:41 GMT Connection Keep-Alive Last-Modified Tue, 10 Aug 2021 11:16:10 GMT x-amz-request-id tx000000000000044b263fd-00618cd406-25d72b1f-fra1b etag "9c3c18cc39130a194ea7138fd8375b39" Vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin X-HW 1636622201.dop145.fr8.t,1636622201.cds278.fr8.shn,1636622201.dop145.fr8.t,1636622201.cds237.fr8.c Content-Type text/javascript Cache-Control max-age=669 x-rgw-object-type Normal strict-transport-security max-age=15552000; includeSubDomains; preload Accept-Ranges bytes Content-Length 7954
GET H2	200	%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7 https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7	7 KB 7 KB	59ms 58ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90b0efe6cbe692bfd07130106bf3767af38ac06c7b991d930bf4607cf0fffe02 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 07 Oct 2021 09:16:30 GMT server cloudflare etag "615ebaee-1b47" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2B%2FnfAvKx%2FbHR4LgbqGPrjC6VPS6fDgeaDHqoDA77N5ajfr66Pyvr%2FF0KKQE0DAmKuHKF4O5NxmBBxuFd5FTtnypB5ZXR3GR3ByoGEZvg7CfJGQRGTiUITuteuyjy8074t267m8Vc9%2BFng%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58c8e359e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6983 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIqdQ9KFdJDbE%2Bv7P9I94cxQ4KnhlzLFvFEQytEzXIMZbqlu0GNQ3CBJ0YsieRbhul4xFxq36UXihtNc9UFQKq%2FhlfNaedicL8l%2Fux3CJdMRKEmZdTr7fQtl7oHpcVyeaQsJOPz8Bnnx57uEJBU%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7 cache-control max-age=3600 cf-ray 6ac66c584d865cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9 https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9	6 KB 7 KB	59ms 58ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55086289fc50f2edb6677074d247bcc8700b40b7990ee6aa47babf613da97dcf Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 07 Oct 2021 09:16:46 GMT server cloudflare etag "615ebafe-18c5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0coDw195Q1naqcaTcb8eB9zqWulNoTszyka0f6pc392WUors0hcdSxNlobv8tonq1BShBNhgOBfICKTa2%2F3f5fZeC5r7nHYtiUA4FUjJpe0HRjcYKTfkcpnwZOJLevo9PejxHmVxQKYnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58c8ed59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6341 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0CCEhQCn2snft%2BXyuLZuXkWdKjjglMDlKqihAhr9SRSn2%2F5K1R2vHEX4525V%2BMXutXQ%2B%2BH%2Fg6sf27vQC%2FezvqFZETGE%2FZF0NFOk2dhnYihMgHW84rZUlJAYmxys28ne5cIBZZ0hk9fSxN%2FZV%2FM%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9 cache-control max-age=3600 cf-ray 6ac66c585d935cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9 https://livehd7.vip/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9	7 KB 7 KB	64ms 64ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c72cba63484e9b5d152d2ae5f8deaa9e074f599c1b9d12fea38d0267db3b772 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 07 Oct 2021 09:43:50 GMT server cloudflare etag "615ec156-1a86" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwGmgGrZwsi0IqUcXe0o0qxUu%2BI%2FpTZh%2FwvbMpN5tjUfVuKtTqKbuOhSoO5%2F1e6r9wEmQ%2BI%2Bbn%2BM1cYEZ%2F3xux4F3hTFYi7wqF9bTxb%2Brug4ZRo2EFtFVBrhzsw8skyN%2BWgOpEjlckomkQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58c8f059e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6790 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zo6Dgo5WpEkt9w1xG1exxHmprz8HuiefUhZ2j191RkU7nyXtEzHoGn5fpybE4b1jlSZnwQIG%2BwVVyQ32AZZq%2Baqn%2F9srINb7nKOoMTFm%2Foetbz4HQeZWcqFctIbZYxrB3wurhGcjFR5aS0oYlA%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9 cache-control max-age=3600 cf-ray 6ac66c585d945cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA	4 KB 4 KB	58ms 57ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd751e14fe58f1186d1e7a8800fc3996ff49c8ea2803b5d5a0c218855385c2ba Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 07 Oct 2021 09:17:20 GMT server cloudflare etag "615ebb20-ffa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSNbE%2Fl%2B3L%2BTELWL9nst8Kl80CKBJakOi6uoh58QppysZ7mcidNCsvCxIWeh%2Bbg3br0gUWb4czIwBwQ6rt3Y6sDz%2FS6tKmy56j%2BzAvegUiU8%2FoTS7jcitASbPrUf1HhJm69GthyYsqeXlQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58c8ec59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 4090 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEp1rpJ0KBy9fFENwoDDzECe55RFVghqcavgrWWjeKXzFUzbdhLVoSy5VNTEiBVLAD1joR59jPY9oDuFLV6rykoKHmp9GieCRkZP8KdMFY42vdtWKiZrj%2BxA9RxMS19T2feY6c2abSzEMDZVYZ8%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA cache-control max-age=3600 cf-ray 6ac66c585d965cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	SVBzrEoo3aCu2Lw2wcv4LQ_96x96-e1636582459345.png livehd7.vip/wp-content/uploads/2021/11/	2 KB 3 KB	37ms 31ms	Image image/png	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/SVBzrEoo3aCu2Lw2wcv4LQ_96x96-e1636582459345.png Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04d621e619931739cfbf3b34649f09fbb70d3f0d0a8d8726101b6130f6be3e96 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 129 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 2495 last-modified Wed, 10 Nov 2021 23:00:04 GMT server cloudflare etag "618c4ef4-9bf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9WGz6FrP6CLRCccIfW9BzmIZflDVyxk%2B5HlioPn9KF9OMtJBcUUuDnVMu%2FYNsqhZK3fFBraH3Ej%2BZ82d27Gqek3h5GUV3M7wDWEEU2aYReWja2hRyZ3I5DSK2aWGefmOWukMQrVdD3ocQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c581f4659e9-MXP
GET H2	200	%D8%A5%D9%8A%D8%B1%D8%A7%D9%86 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86 https://livehd7.vip/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86	7 KB 7 KB	64ms 63ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb426d0a0f9eae681050bc1c0cd013c50f0ca7eb7985eb25a7b1fe8a21064fae Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 07 Oct 2021 09:17:20 GMT server cloudflare etag "615ebb20-1bcb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPBNfLMZSZCBenltUmGlplxAGkz1itJWDSznhU7iaMDgoiJ6k8iU%2BOC3gAwEeyT4oNW8cA%2Bu811s7ErgUsclsQ0miuPQ1cQP%2FpRGJ%2FsUbSY1eVBoFDH5mHg9vsKqH4r9valQ9eumVQQXxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58c8e459e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7115 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmhhd5J9rhuVR5ffp7hTgxgjoWn4o%2FrjL11IIkQxnJsWb%2FU8qDzaSxkVHdzfqJyi%2BNZdio4ULdk1nRvcfXwcss5p1kdQ9paZ%2BhG2M8McVXdBGrGJCI4rHa%2FcLhVSzdazafWr6XKfsXoIxQicud4%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86 cache-control max-age=3600 cf-ray 6ac66c585d8d5cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D8%A5%D8%AB%D9%8A%D9%88%D8%A8%D9%8A%D8%A7 livehd7.vip/wp-content/uploads/2021/11/	6 KB 6 KB	69ms 64ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/%D8%A5%D8%AB%D9%8A%D9%88%D8%A8%D9%8A%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68d1078f517e1f05b0ae14b013a3acadde5b74cbd5aee9bd8c83f7e294033410 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Nov 2021 23:56:22 GMT server cloudflare etag "618b0aa6-17c4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvXPIBU%2BZojOACVe4lpP7JrQeLdMvV%2BUBp3PKlJTRH2NA8%2BzNqH5nUSjquyWen4KvghZU2SJjB6swJkyEdLYP3%2BlwpJccQrNNTjt7d%2BnO00t21cIEGuzTh8BrHDUKnIUFlgdMIWLDWC5Gw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c581f4b59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6084
GET H2	200	%D8%BA%D8%A7%D9%86%D8%A7 livehd7.vip/wp-content/uploads/2021/11/	6 KB 6 KB	68ms 63ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/%D8%BA%D8%A7%D9%86%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4f460154e6f04b40ecc80c7c5ef3e1ba1eef5096103c2ca40b473ed7e867a1a Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Nov 2021 23:56:22 GMT server cloudflare etag "618b0aa6-16d5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICVdm5Gzwv678Q6OBscYtAEhy3UBsY9NHrG0ReUOP8FG3E6cmXIEmnL3brW3K4cZVvli8L5iRxZ9EYA8rNi5D8dcVYdColYxxukUTEN5kMDoF1kexfH%2FyoJe93ior65oesJvHLzb0Tedfg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c581f4f59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5845
GET H2	200	%D8%A7%D9%84%D8%B5%D9%8A%D9%86 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86 https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86	5 KB 5 KB	58ms 57ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6e0c2f684b8a342ffa8d24d001f77c8ecff7b62d2fd816d6f3c26460e23d3a9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Mon, 11 Oct 2021 21:57:13 GMT server cloudflare etag "6164b339-13f2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdcAAByjVoGs%2BooVjT2Py0ZcF%2FAg0pOoAU46YENZem4rPtH8y5xYsbCfsEakO%2FFV2QacAT6%2FbMNYrRlcrV%2ByR1hsmirakeqN283D363BVoIy%2FMaG1mfJlSPpDAVzGTG%2BqdF1CTv3x0X8Nw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58c8f259e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5106 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VkRxHqjnQe4UWfhvVQjr0FeObmSYhgZ%2FcAV05c8RcsPDqvJJ6wTWXEW3ZcHgSSP3SwqL8mBAD28N2eU2NMvCEAVBRpRErwk6JjwkhfiNqTljD2JNvNt1ES6%2FFVdIZ5z3ZwaJIwf0Sxx%2BMQQvl4%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86 cache-control max-age=3600 cf-ray 6ac66c585d8f5cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D8%B9%D9%85%D8%A7%D9%86 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86 https://livehd7.vip/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86	5 KB 6 KB	60ms 59ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e6845bbfc6fc8e3491a0205e2f581cc5e341f448fdba6d9780ad47846561e30 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 07 Oct 2021 09:16:30 GMT server cloudflare etag "615ebaee-15de" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyjmCKMIZ%2BpzfXiJQhTTlMNSSXMVxUPjf88zfwlLPiuaSOUgPW4JNpeoj%2B%2B1lem7oC7%2BZkLCeKju6WrkcuDKoRxPHhKZ8U5x5S0P5GCRwwSoqUD%2BvHDBTAgQ%2BexbSQZEqrthCxLPRhLMHg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58d91359e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5598 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59vEtRbT3hl7ldfO6n3DsVlrFSNfb25d5BycsUExeDgtQ3%2FNW%2BtAuSmwkniNm2R39wbR6AFxthMSwmHjmcuj7QRpBiOVyDKOH4r09PJ6TkcZc1jA0Iio3Z3mj142ZLllAq9wTgypGQdnsmGJfTA%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86 cache-control max-age=3600 cf-ray 6ac66c585da75cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D8%AC%D9%88%D8%B1%D8%AC%D9%8A%D8%A7 livehd7.vip/wp-content/uploads/2021/11/	6 KB 6 KB	66ms 61ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/%D8%AC%D9%88%D8%B1%D8%AC%D9%8A%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a09e9708e1f75c34a7bbd6802e73de64011ea63d5ab8ea9af6f29f35bc5f43bf Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Nov 2021 23:54:52 GMT server cloudflare etag "618b0a4c-1748" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVdTkzBj2slECGIFBWXp2t5h4BJdzfWjP3f9nu%2BJhT9Gfge7X9OzmS1ECDwmKFbo25rkAjBMMrQS0jh0GRXMAf83aAD3m1%2FGt6d%2BTrgVnk%2BKNM3jjYqnp4xQ3fu13SRBbrVPU4RU8z0VWw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c581f5359e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5960
GET H2	200	%D8%A7%D9%84%D8%B3%D9%88%D9%8A%D8%AF livehd7.vip/wp-content/uploads/2021/11/	5 KB 6 KB	64ms 59ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/%D8%A7%D9%84%D8%B3%D9%88%D9%8A%D8%AF Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc22aaf108f6de1f7a6a6f0a0fb6c724dfc75a81663a6c6549e1f0eea3e98ca1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Nov 2021 23:54:52 GMT server cloudflare etag "618b0a4c-1595" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEZCzzKkOes8pC2iP98Jd5RUr%2BfgNfADrGS3cMq3J5UAVDDiDQc0is%2B%2BD1yvK3Z4cdRwp7Fc4kAQZtrtVSzA2cKoqsilBICHs%2FwaJrLfvquAcMAPVbAViExTWfw78HIvya7hw3tDlQhPUQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c581f5959e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5525
GET H2	200	%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7 livehd7.vip/wp-content/uploads/2021/11/	7 KB 7 KB	66ms 61ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d1bd9815cbaa1d0e1655f97c63c2b98fd10cc0dc44325ec6b741d008e778bb7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Nov 2021 23:53:49 GMT server cloudflare etag "618b0a0d-1aed" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncpEcb8Z8X1c0mzDWkmj5GkNIEWOsL6g%2BSeLmvK2hzhicyPzjM8t9oLtt7V93TltfVD0IxQSJP0PeW2OAq32ecz9iMTqzfDKNr05UybzNHi4DGinVm5AbTU%2BZsMRlXxjSCw4yaQ5aWgSHA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c581f5a59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6893
GET H2	200	%D9%82%D8%B7%D8%B1 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D9%82%D8%B7%D8%B1 https://livehd7.vip/wp-content/uploads/2021/10/%D9%82%D8%B7%D8%B1	5 KB 6 KB	61ms 61ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D9%82%D8%B7%D8%B1 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09ee73038f57eb31c8770a8b13b265521d1a38097e3dd28ad16d4ad2359136f1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Fri, 08 Oct 2021 21:13:59 GMT server cloudflare etag "6160b497-151a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkW5KeErWc1jLDJBov5fI54yyG9Sg5v0bMvhzhgKKYZeLqACya%2FQGOG%2BJp%2FHSebqpQzlaS%2BxDMas3zaT5RBK%2Bxv7eaoVWVlnx%2BnbBoeScprk1p4o8G%2F%2FN81XQMA5mqu3We8yGT7Pwg%2FdNw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58d91059e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5402 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTpNbP%2BXpEehWCV0CgACnGhNfP5VA6MRjH65o4tg5NsntpWKaayD3CLBQrT4plv0tKOlfyqXtuKXeWNAYz%2FDWpcu8yPWypsdQzgBZv4KIwBnH%2FfcB6ckX40zqypN5xehe51ZLpl6QGJhSeLV%2B8M%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D9%82%D8%B7%D8%B1 cache-control max-age=3600 cf-ray 6ac66c585da95cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82 https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82	5 KB 5 KB	67ms 66ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d2ff84f282acf57a96823d988b3aaed0ea0cdb0426af23bc0c243e8d8d22bd2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 07 Oct 2021 09:17:32 GMT server cloudflare etag "615ebb2c-125b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t76g1wqouu7waBxFNOpjzNmReSaUagrpiDcfFoAcI1%2BxGIGYcxq%2BQOSg6O8XRqHIlnAKBSKK4t2S%2FaAepg1c11ApiSok2cuYS5cBzgGY7wNORH66x8TzjLi7SBUijcsN%2F2VzpnjgVGPdzA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58e92859e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 4699 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOKWTE2nj93O1oMhSP7p7TsvbZ7mrmeVXL0q3aZKkzXkfvSAImw3u7ZlwzXv5LKUfCxkfLvloMkJkqQG%2FtK0JxAcIZC4UagGgStK%2BWwQuzuluQZDIUSBi7JkyHyQ1nGCVtdKl9jo4rnBR1KJ7Fc%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82 cache-control max-age=3600 cf-ray 6ac66c585dab5cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D8%B3%D9%88%D8%B1%D9%8A%D8%A7 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7 https://livehd7.vip/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7	4 KB 4 KB	61ms 60ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 273abeffc139916ebed51ca83efd384b27829f822a3b49ff13a2f27294435776 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 07 Oct 2021 09:43:50 GMT server cloudflare etag "615ec156-1086" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqsQpYLLgoa0WMO22N9god%2Fi3EASIWw%2FwOKyCAX8DqDXQ4ULVZFd1rsX7yfFXS3mpS2Y8sYZ4A7y0YLfLtfsXAmnMa6R4erCIgWQ04vIh4RNERfgJrvd3kPPYU52uCyvQqLG%2FSdbIaw0rQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58d91659e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 4230 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVHQnNaAHE8sXEYBARLRRCgTWXw1dR%2Fmwj6IC5O%2FG8VI1l2onFGOCo2UudvM7i18d2%2F4QrJ3ZfXPqIXlDUV%2FplFn1D%2BqGaQIfljq70wcpFdA3c%2FE5P%2BD87%2BFSWfTO7ewfOynl7Yrlz1a8iHvCus%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7 cache-control max-age=3600 cf-ray 6ac66c585dac5cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D8%AC%D9%86%D9%88%D8%A8%20%D8%A5%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A7 livehd7.vip/wp-content/uploads/2021/11/	7 KB 7 KB	64ms 60ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/%D8%AC%D9%86%D9%88%D8%A8%20%D8%A5%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4bfc1b8ccf8cf5c45f2071584ab7f1160d52789ffc3beb74dda5f2c36b17f273 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Nov 2021 23:52:32 GMT server cloudflare etag "618b09c0-1b36" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngV1barwQGZRDXUw1VxW%2FAiT95mXV%2B2TbSvtHhSw%2B938PdYxXW4pXFjZLrDqgJAGWCGB3Md2dCKRwyKIwp9tHPG%2F31tkhNqVOxcwtJXmyvwUA8wYIv%2FdfmXaa3uWK%2BVNSQ6gkYQ%2FZf%2B1dQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c581f5b59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6966
GET H2	200	%D8%B2%D9%8A%D9%85%D8%A8%D8%A7%D8%A8%D9%88%D9%8A livehd7.vip/wp-content/uploads/2021/11/	6 KB 7 KB	64ms 60ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/%D8%B2%D9%8A%D9%85%D8%A8%D8%A7%D8%A8%D9%88%D9%8A Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b63c8e7c40d80a334035dc70acbae368fe2def8b653eeac7a0d2b6e7613ac95c Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Nov 2021 23:52:32 GMT server cloudflare etag "618b09c0-192f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kzryOVTckDjGm39exreUXE0Xbu8s5mqoM8XCV5JfLPrrNB9uR6%2BCL2q1K2HCjEz4RW88A%2FKhVbQTctpUnTO2eaJka1jSZwH%2FmPrj8bau2CciWAfa%2FDSPzesYJt4DO54cGhdg7GwLsFvqw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c581f5d59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6447
GET H2	200	%D8%A3%D9%84%D9%85%D8%A7%D9%86%D9%8A%D8%A7 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A3%D9%84%D9%85%D8%A7%D9%86%D9%8A%D8%A7 https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D9%84%D9%85%D8%A7%D9%86%D9%8A%D8%A7	4 KB 5 KB	64ms 64ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D9%84%D9%85%D8%A7%D9%86%D9%8A%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce900327e8ebd1baf92f6b58706b88da43fa6d471acceb7681a4edfee5c24021 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 07 Oct 2021 21:43:19 GMT server cloudflare etag "615f69f7-119c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqirAthaM2Q57g%2FHBli%2FzTxWVU1IAAp3lJUW9rQHe8cdf7mQAp1DHfGdMHL7lcP512yJrOxz%2FTXHFZ%2Bs9Zr9Ks%2FC4sACIGCa2wxzBeOzjPSJP%2FwPWYyclSqzHW2Fj%2B0tQi%2FOZaWD1TLGsw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58d90c59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 4508 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VT6GWM7gUodHIcM%2BY5gDeSt5qx%2BD0nK%2ByUPDMGwG9MI9VckSfV%2Fe8FT1BWLTW7a3V25dowHHpLxYHrIoYK6D5%2B3lea9gDWbJeGW%2BYiikBijyu%2B58rVPT0RH3BaH93kTbg5XyHcurJPvKmO1gJVo%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D9%84%D9%85%D8%A7%D9%86%D9%8A%D8%A7 cache-control max-age=3600 cf-ray 6ac66c585dad5cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D9%84%D9%8A%D8%AE%D8%AA%D9%86%D8%B4%D8%AA%D8%A7%D9%8A%D9%86 livehd7.vip/wp-content/uploads/2021/11/	7 KB 8 KB	64ms 61ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/%D9%84%D9%8A%D8%AE%D8%AA%D9%86%D8%B4%D8%AA%D8%A7%D9%8A%D9%86 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e547d78ccf77ec0893d2af3eae31a542f3e4f3cbb742bb7f65a21b1b87897037 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Nov 2021 23:51:35 GMT server cloudflare etag "618b0987-1c84" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2IW1E%2FVnnYxjwU32pTqnbXDTi%2Fk5GA4gx%2BiULP%2F8%2BpjdYyIBefPHnVJr%2BKTiQNpmDTDF1OqOWvABFkR2ChKLwbAsCFmzb64UjRoWnWu5sRnuDSuu2hP6u1h5HCA7SBEjKSVoErMIB78OA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c581f5f59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7300
GET H2	200	%D8%A3%D9%8A%D8%B1%D9%84%D9%86%D8%AF%D8%A7 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A3%D9%8A%D8%B1%D9%84%D9%86%D8%AF%D8%A7 https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D9%8A%D8%B1%D9%84%D9%86%D8%AF%D8%A7	4 KB 5 KB	63ms 63ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D9%8A%D8%B1%D9%84%D9%86%D8%AF%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e68e5ed55b33ca3e8f9487d4359a6c30f75b0047dc8b80737e9ff21e210450e Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Mon, 11 Oct 2021 21:53:55 GMT server cloudflare etag "6164b273-1118" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnrNxg%2FXBmhyY7XDuaNvYgqSnb0VSAcrFmCP0X1E%2Fh2e%2BRqpXoIgo24TfCP5sX5gPDYSY2XZnyoaA5xI%2BZ%2FFJf8LZgGV%2FvvcGP6Ws2sONF6fgTMphUuVnM8hd63h5mGqpg5v47mmductZw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58d90d59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 4376 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgaxrUizGuWXiH20%2F4%2FdIPI8TERLvC%2FdTJA8LBw6E%2B%2Fsp0EuhmRZ8xf0WaDihHyehGQEyKRl1Im63Zi7%2F4JSFHd0v71AZj4QE0zWnJtpA71VzCsPcIhQYm4TNqjuzjlY1LMzc9tU0C4n%2F3BUdmM%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A3%D9%8A%D8%B1%D9%84%D9%86%D8%AF%D8%A7 cache-control max-age=3600 cf-ray 6ac66c585dae5cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D8%A7%D9%84%D8%A8%D8%B1%D8%AA%D8%BA%D8%A7%D9%84 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%AA%D8%BA%D8%A7%D9%84 https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%AA%D8%BA%D8%A7%D9%84	7 KB 7 KB	63ms 61ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%AA%D8%BA%D8%A7%D9%84 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22228c7d1b06cc0faf375ef4b28244d43f802ebdafec72343f97303522e1ce62 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Fri, 08 Oct 2021 21:13:59 GMT server cloudflare etag "6160b497-1a38" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGz4cno5%2Bc9qnX9v%2B8sBW9oPSsT8aT4ds%2BIHNYB0XyfJ%2FDIeSAnKRk0byt0Yat26zKZcLptWmFa22A%2FgeRLnyL%2B1j%2FlDX582GBts5JayOf2loMD92BS8pikvZF8LKL2HuVcDpGKMYeEs8w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58d91b59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6712 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlgBpAaRMBy%2FdcBBTlJfHPk7YKq6A%2FNLcypyYrOWVj%2F0%2FHPpB6vMRfxhfuro5G7SJu%2BXT8B8l0z8X8fhBPwLxpiRK3GfybIJ3xlLcP%2FLI2CQY9zjxFY%2F3mSK7c%2BJI8FoHbC5%2FH%2FqbHvzJivY%2BcE%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%AA%D8%BA%D8%A7%D9%84 cache-control max-age=3600 cf-ray 6ac66c585db05cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	/ livehd7.vip/ Redirect Chain https://livehd7.vip/wp-content/uploads/2021/11/%D8%A7%D9%84%D9%8A%D9%88%D9%86%D8%A7%D9%86 https://livehd7.vip/	64 KB 64 KB	66ms 66ms	Image text/html	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/ Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding br cf-cache-status DYNAMIC last-modified Thu, 11 Nov 2021 08:56:36 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukfkCYOFZgff59V0i4h87fItEbXSFlhih47hhS%2BmPxoRb37zrX8YQOLr6lT3NhQeGh8ivIyT0lzzoPVHh6A5x63v50LTDKgbai%2FOdBWU%2BvWVhUcF3lr9Fk1SDPuy4sfP2ELZ6FxrXKNAcw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 6ac66c58e93359e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKnQLXK2mkqC%2BnHILD8leI9Q3Hnup0pAJWBngaYANrSBuwwz8dT1VwrvrOmtadKNz%2F87dGz0PL7W23WDZHswe7Ooh3YK8sGY%2FlM9miwY7DZvnAPp%2F3JAwrCALbEnu7TKioO5XVeqxMbLXw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location https://livehd7.vip cache-control no-cache, must-revalidate, max-age=0 cf-ray 6ac66c582f7059e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	%D8%A5%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%D8%A7 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A5%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%D8%A7 https://livehd7.vip/wp-content/uploads/2021/10/%D8%A5%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%D8%A7	5 KB 5 KB	69ms 68ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A5%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57d5f44c21d569e674c60165e0d98ae6515d11447b2750c43ab3434694bb37ef Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Mon, 04 Oct 2021 23:02:46 GMT server cloudflare etag "615b8816-13f2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFX5LC9hFobOkwAYvXTfIT0r15dBoKLaabdhlpyjgmKlIWgXocfnelXx9zjwJDJg9eEgHF1aa%2B43eyjOwf5rVm2cXGuLiwHYyaRrYQ1WIIanwe1Cx%2B4XcbOh8EkGgew3r%2Fzt5A97W0ZB0Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58e92e59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5106 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGjkP5%2Fdac1Zpx7zkpb2g%2BlhVoVswd6EjqHkSHvJ9CgXKcHdByvg1rqHJL2H3kzOvm7%2BLp6rpR5eoH52VlBhCddtcMjdrVVmYPVBmizUfmFIdi4%2BUVueGQZEhHXTzAK%2FPbTr7mZjI5QgJjZZ%2BUk%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A5%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%D8%A7 cache-control max-age=3600 cf-ray 6ac66c585db15cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D9%85%D8%A7%D9%84%D8%B7%D8%A7 livehd7.vip/wp-content/uploads/2021/11/	5 KB 5 KB	67ms 63ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/%D9%85%D8%A7%D9%84%D8%B7%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c64265b979dfafe77c35e19eaaaa762b66e137f0ec9b7c384eab2c9388cfbe38 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Nov 2021 23:48:16 GMT server cloudflare etag "618b08c0-1406" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUOndFygjiMs4TI8HGbBQ3%2BKhgrsgYCsDLQbXG%2BbG7M4DLmL2r2BeIj%2BuZFaB%2BLd7kdRC8P4nGOzzfymMLkRqlHxiztFuvAnde0E%2Bwk1DvuyvBr3pJ5bUbvgcH3eYuOcOzvO2BIkXu1TbQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c582f7159e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5126
GET H2	200	%D9%83%D8%B1%D9%88%D8%A7%D8%AA%D9%8A%D8%A7 livehd7.vip/wp-content/uploads/2021/11/	6 KB 6 KB	67ms 64ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/%D9%83%D8%B1%D9%88%D8%A7%D8%AA%D9%8A%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1515fc2a6b9b41ff0715ea746b09b7d7e513f6f437c6ead42324011d047a3628 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Nov 2021 23:48:16 GMT server cloudflare etag "618b08c0-16ec" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VA5xd9OjbJlGBhBfTE%2BKP6mnw3q89Ii9nyXVR3RUWek11F2XHMBJOJhBYTcR6LXRnB%2FDcCD8ZEVGCZS9Dj6zQ1a%2F9Jfgp2F9W7Phqzv1Hzu3oB%2BmkI8bh41QQ43d%2BsdRpjPELKrGfK988A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c582f7359e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5868
GET H2	200	%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1 https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1	8 KB 9 KB	64ms 63ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe6d3f26a9749524404bd3e7e268f791af04cc418b81980b11e8a7f702f2b415 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 14 Oct 2021 19:44:12 GMT server cloudflare etag "6168888c-2097" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7zRLpofg2GqRBRgUQ8Qi112bph3OOI1iAA7Rt%2FWqaWUhDcbbRmyz48d1g%2Bi%2FZvLaM28SjFtoKNe%2BAEXOdldueFUXgR4RXISgPwol0Z2eGPNv%2B3GW7dGJ4BIKtFHvfXkqKkkgfatJoWjuQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58e92b59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 8343 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bi1tTh5t%2BL6Qs%2BpAMOql8K%2Fy8w6H3uzqB8jmWvZyaU7gBrMZrfritUmULDEFANT2TdC0Vg75VHwuTZzCggcnz%2BIqhHw6JCW8aHS8C4yTtArSRMF48k1Gx%2FTSEGsxFw5nvZXxWVlSQGeW%2B8orrcM%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1 cache-control max-age=3600 cf-ray 6ac66c585db25cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	%D9%81%D9%86%D8%B2%D9%88%D9%8A%D9%84%D8%A7 livehd7.vip/wp-content/uploads/2021/10/ Redirect Chain https://www.livehd7.onl/wp-content/uploads/2021/10/%D9%81%D9%86%D8%B2%D9%88%D9%8A%D9%84%D8%A7 https://livehd7.vip/wp-content/uploads/2021/10/%D9%81%D9%86%D8%B2%D9%88%D9%8A%D9%84%D8%A7	7 KB 7 KB	60ms 59ms	Image application/octet-stream	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/%D9%81%D9%86%D8%B2%D9%88%D9%8A%D9%84%D8%A7 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd1ac3d77745171283b1d76bce66024916c8aa4fab2339b305c8a86c964296a9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status DYNAMIC last-modified Thu, 07 Oct 2021 21:39:24 GMT server cloudflare etag "615f690c-1bb8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXZuAZt7b3QGbpIwprjLn6uYfy1DZohbGTh71WJ2IYHKxEMGDru9Y5sCi3weNqGIU5tsE6MucFzZI0upiLtYZ8VVE2n1CQTIlE%2Ffy8bP5H5jleyCIXKfu6OXM%2FDq7ETyG9d0lsWJkzncEA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 6ac66c58e93159e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7096 Redirect headers date Thu, 11 Nov 2021 09:16:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ha%2BDsqGy5v7YLvie1Ms%2Bwn7ZFusjhhWywF%2BvkYPX%2FmjfC9KcrTWKFsKunupmSilBtC2RBi29jl5dlir0H87ZoZbD33wwud1UeyQb7HiBkRmBXgEao4OMIb6hAFxI9OirrEl85TY604LBfoDZSTI%3D"}],"group":"cf-nel","max_age":604800} location https://livehd7.vip/wp-content/uploads/2021/10/%D9%81%D9%86%D8%B2%D9%88%D9%8A%D9%84%D8%A7 cache-control max-age=3600 cf-ray 6ac66c585db45cb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 10:16:41 GMT
GET H2	200	014789-300x141.jpg livehd7.vip/wp-content/uploads/2021/11/	7 KB 7 KB	33ms 30ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/014789-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c92ff0ec9de47fa48cfbceea7220b7b8fe1a369ac3e02cc521f6b2c4d20582a Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2778 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7257 last-modified Mon, 08 Nov 2021 15:47:47 GMT server cloudflare etag "618946a3-1c59" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCD6Fyaixy%2Fpiy7fFrKO0JRsdCWmyoZndF2y3%2F3QuQyo1jriXVMOxE1pcWvwN486VxbkhYZ%2FwL%2BsBy5RxTfnHKnfw8CQqw0xAYdGqr6ruWLehMtVI%2FHNkRHtElR8VM82DdSCeG3ktYq2Aw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f7459e9-MXP
GET H2	200	00000000041214-300x141.jpg livehd7.vip/wp-content/uploads/2021/11/	7 KB 8 KB	34ms 30ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/00000000041214-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85f355f59837f1392941171e98a709f8d053c253d777e719f55790100fabdbb2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2778 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7631 last-modified Mon, 08 Nov 2021 15:47:47 GMT server cloudflare etag "618946a3-1dcf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgsSzIz0tTMh0bMwBz29S6LBmjm%2BEhCKpQ%2FdeqYpiQ8hGiSXio1kSWRdEq0bC%2BERjKLQqUioU9xhN8IXBpHiXDRJHeaVHzEziPT08%2Ftn%2B9CddnBxv%2FgrDyy6yOTk7x%2BhHhveMFFLTEL6Rg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f7559e9-MXP
GET H2	200	00000000000000000000111-300x141.jpg livehd7.vip/wp-content/uploads/2021/11/	7 KB 8 KB	33ms 29ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/00000000000000000000111-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05bc1c106f8ab8b998c4f87251edfe119fe4ea81a9b5db97ce865c583ed6bbe5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6468 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7666 last-modified Mon, 08 Nov 2021 15:47:47 GMT server cloudflare etag "618946a3-1df2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WE9lCnAJDVAwd%2B3l6vTc7as8EFauAS%2BKwa3bOsbpEhqtJDITmSH9ZHBvDVwIegJedIk2mQ%2FsE2pUuqXlSIla40tRk0Ok9TflKRFcGN09NHd3NPjkakaIXAX3Tcz62%2BsVqdScUTearj%2FsYQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f7659e9-MXP
GET H2	200	00000000000000000-300x141.jpg livehd7.vip/wp-content/uploads/2021/11/	8 KB 8 KB	35ms 31ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/00000000000000000-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f202c648dc07c851f8f2402672c12cf53ecefa76ad4fbe0d2dfd1b45cc600053 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6468 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7803 last-modified Mon, 08 Nov 2021 15:47:47 GMT server cloudflare etag "618946a3-1e7b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CGoH1msFEbX48E26It8Y3pKxjO4ssbr6nrJLikdKADouFPamyK65EZPcVYep4d%2FnVKOvDN0c4gC0JBnMazYanuu3zdH6H1D9mDQ6jYLIxKvwYHP14%2FiBfhvybA0kIza0mT%2FvXszE6kGUQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f7759e9-MXP
GET H2	200	00000000-300x141.jpg livehd7.vip/wp-content/uploads/2021/11/	7 KB 8 KB	45ms 42ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/11/00000000-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bf0153b2b9396240ed5108e82c71a3bf9c13ee90af78c9220cdc4a1b6c91501 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4197 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7647 last-modified Mon, 08 Nov 2021 15:47:47 GMT server cloudflare etag "618946a3-1ddf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PE32%2FykbksyURYcq2xBnXJyF5wU5QNbCGbNx1SRJvLSmrKa4dO8ZG%2BeJuSPEhTMuY3CZvnEHHZD42xYSXxJBJjazPkXiaSrK%2BWqEIEfW3JV5awVfuGa%2FXbQjtkH8%2FJ1on2an3TCX41aVVQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f7859e9-MXP
GET H2	200	02514874-300x141.jpg livehd7.vip/wp-content/uploads/2021/10/	7 KB 8 KB	35ms 32ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/02514874-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 858c2cd081a33ed38ee39fef504dca4713cacbcbc184d82b22fe87c75eb01993 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4197 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7386 last-modified Mon, 08 Nov 2021 15:47:46 GMT server cloudflare etag "618946a2-1cda" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FQo6LMOi7G9a3Qfa1%2BPi9vY9b1HnRevhDk2XXRujiBlyapYN4BwVjgajPC9O4DW6%2Bg3gyVY3eR3xOJXVR0B69g7GOMi2EjXWVizLesAH687h6xfbtpm%2FSCEMsSd2UIWq6oi1JsB0HFlWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f7959e9-MXP
GET H2	200	012410-300x141.jpg livehd7.vip/wp-content/uploads/2021/10/	8 KB 8 KB	36ms 33ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/012410-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e06032afe88f84e76529e6dc20fc9affa1a6568499b24b99c37ae28ad8ea5b66 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4197 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7904 last-modified Mon, 08 Nov 2021 15:47:46 GMT server cloudflare etag "618946a2-1ee0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psZGYjCEmRaVW8oHHRdZDVcTDtNVrKB3DiU%2Bin7DGqdCXT6fGYcq5CTSOBMIAXZTdAz%2BcIqSMOAfxY2EiNiktphVtDFXUqhmzq%2Bm3Mbc33yapBX4tFVF92wPHM6ot1CpYDp0vqi3Nb8bQg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f7a59e9-MXP
GET H2	200	0450-300x141.jpg livehd7.vip/wp-content/uploads/2021/10/	8 KB 8 KB	35ms 32ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/0450-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 342fab0ca3ad4fc7804cad30b54e4d5d9dce06c1078c30fa4d928036c4486d29 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2778 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7921 last-modified Mon, 08 Nov 2021 15:47:44 GMT server cloudflare etag "618946a0-1ef1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Ja4fL0DHLU6p8ppHxXitK1L%2FrhFQ5dwKU3rGYlP%2FA9p0t%2FTSy59O%2FOFuGDkpRlSrdRwHe67y6Q2I1%2FM14SQH84DLdfYZN6ThjAUZxLNqo3JQVx49eXbSUqY7%2FPTj5d%2BOcMGQFOV6bHrjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f7b59e9-MXP
GET H2	200	365220-300x141.jpg livehd7.vip/wp-content/uploads/2021/10/	7 KB 8 KB	45ms 43ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/365220-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 949044df45e57fdad1f50384a084a1a7e5d3bc83c0fd9e8ed5d6ef8854823b4c Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4197 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7506 last-modified Mon, 08 Nov 2021 15:47:44 GMT server cloudflare etag "618946a0-1d52" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TcaTZg38BU2kECPdu2LBwo3TXlRUSk3yoOAxO%2FQ72Oo5V%2FMvypJ2ornKC0bqvvwDoix7myADXO3kysqYwOGP0YjksJg9pdH3SlhpINsQzr0hp%2B8MB8Lamk6lqUzuUnLaC4kFs5b%2BoiYMA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f7c59e9-MXP
GET H2	200	00125-300x141.jpg livehd7.vip/wp-content/uploads/2021/10/	8 KB 8 KB	39ms 37ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/00125-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b48e3553734b4447f0242d7af081be49783793e01e546e4395632f8990c345a Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4197 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7843 last-modified Mon, 08 Nov 2021 15:47:45 GMT server cloudflare etag "618946a1-1ea3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbbPmGR7cxl65waJnK4UJA%2BVjyRaRNqj9s6yXniw5arxwMr9qVm26oFqfyV85%2F5qCxvF7JxnaJEybc0W1AwTLPoGJFGrtF1udq4WPsBq%2BFV3d8Bly24DBZjWyFI4btekw0OjGaVfiP%2By8Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f7f59e9-MXP
GET H2	200	54123154-1-300x141.jpg livehd7.vip/wp-content/uploads/2021/10/	7 KB 8 KB	35ms 33ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/54123154-1-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60e93179004f7f62c35acbdb11675ce6886be7df575b142d509e3704ab244bf8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4197 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7389 last-modified Mon, 08 Nov 2021 15:47:45 GMT server cloudflare etag "618946a1-1cdd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzR7xGz99gfqNuATIu4CfYUS4jTbFpYSFdrTy6FPOYeNohW4ElG%2B9Bt6IcaB11t491nmwT8iGo9z3d2qwN0Q%2BPaQOSOc5t0Ucngwd23miZKsj6gM8WMHemSHid%2BwtDbxXmJo94O8L5axWw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f8059e9-MXP
GET H2	200	15642531-300x141.jpg livehd7.vip/wp-content/uploads/2021/10/	8 KB 8 KB	36ms 34ms	Image image/jpeg	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://livehd7.vip/wp-content/uploads/2021/10/15642531-300x141.jpg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6eb2f54884dc67117054a3cd55a19a0ba4e1a34e25df105f550404ded02074c1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4197 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7798 last-modified Mon, 08 Nov 2021 15:47:45 GMT server cloudflare etag "618946a1-1e76" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhHM1gCOxprK6wAbWVrfC0%2BCwMqOtogjy9ClHqFhN1Wt4wTIdDU%2Bz5B6doCjDQbkFR2N6JYrAV87sV3UZK4FpWH5ZPR0gA%2BSh8xNhPhP%2FeH0P9WMnY1US%2FcyPxPMVnnKofcb6OBPJpHDIQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c582f8159e9-MXP
GET H2	200	pro.min.css kit-pro.fontawesome.com/releases/v5.13.0/css/	303 KB 50 KB	119ms 41ms	Stylesheet text/css	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit-pro.fontawesome.com/releases/v5.13.0/css/pro.min.css Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ae8f940fe8cef8f2e3ba4790ac45afd5fb5016c502ca2f37bc835357ce8d113 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 01 Jul 2021 19:42:29 GMT server cloudflare age 7312574 etag W/"f57f60748e19cd052e1a245c8c6ee24d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=31556926 cf-ray 6ac66c58d93a59fb-MXP x-amz-request-id BNX6434S6T7G2B5X x-amz-id-2 e9Z9l85rLU8vucADTdoNeb3eCeaClaOgm015/TGi9CQqb67MkUTK8BSWnU4WsW0pjIzuwPT4J5g= expires Fri, 11 Nov 2022 15:05:27 GMT
GET H2	200	mmt.js Show response livehd7.vip/wp-content/themes/YallaShoot/	50 KB 18 KB	45ms 43ms	Script application/javascript	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://livehd7.vip/wp-content/themes/YallaShoot/mmt.js Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00611ab634229bce240792b312aa3fa195b521ad5d4307dc018d80a0150a06dc Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 10 Oct 2021 01:34:25 GMT server cloudflare age 2779 etag W/"61624321-c9dd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNxLVTrPFEVbcgCxfwjqafNLhnVeaxXYWToPfQkZW4EO%2BqCZBzxHRGHYHKOoPNAoSYke9UzvxYiheXHKGZSptVIO9qFhyuE86Yq7MLtF1FvWrlvqNVLCIoekrMunkd6KDltFygbVNqupWQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ac66c582f8259e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	timer.js Show response livehd7.vip/wp-content/themes/YallaShoot/	35 KB 6 KB	38ms 37ms	Script application/javascript	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://livehd7.vip/wp-content/themes/YallaShoot/timer.js Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d73608ed3204ea01800b3c9fa64620c15be5ebaf5ee2301a37a4b019c8877124 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 10 Oct 2021 01:34:25 GMT server cloudflare age 2779 etag W/"61624321-8d6d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GkbTLpUDbMoHhK9S2JNVn7ljJCO0aZ5ww8M0s2X5tR49A%2FZuxuXBbop6lRcPJ21TA59NXtN24N3%2Blg7rb2lMlaxeX%2B8X%2B6uJHzYwJNb91efC4fFz8d1jhAO03JYj%2FXTJswl0adbWdAbWQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ac66c582f8359e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	hb_323303_12149.js Show response player.adtcdn.com/prebidlink/454617/	279 KB 83 KB	286ms 236ms	Script application/javascript	2606:4700:3032::ac43:c67b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:c67b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da23cc6c1dabfec034032c78557e575ba43fc3fd05ab86b76fbb2975a1854b3a Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 10 Nov 2021 10:59:29 GMT server cloudflare etag W/"618ba611-45c8d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTWlinJbrY77FHNafyDKy85mFcW1y4fliYMORIEEGruHIwQm%2FJ1KKtp36UruHh7yzCibQTkeOwwrB3vKhwdPlK%2BznGfRWrf%2F7KA63piGJDEVhaQsNEw3cu%2FxA58LwFMyWKbkf7uPXLgTsT0Y%2B5W5sA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=345600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ac66c58bd41d600-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 09:31:41 GMT
GET H2	200	wrapper_hb_323303_12149.js Show response player.adtcdn.com/prebidlink/454617/	958 B 1 KB	242ms 213ms	Script application/javascript	2606:4700:3032::ac43:c67b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.adtcdn.com/prebidlink/454617/wrapper_hb_323303_12149.js Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:c67b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e0fae4107a7e3cf53b0a4cc2f0e31dbe7d8bda18ef65aa1c2ff67bd6a125829 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 10 Nov 2021 16:00:29 GMT server cloudflare etag W/"618bec9d-3be" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qV9h4FRwqlfJTgcZ%2BlEMOjltsFZuiw5mnkPFqeW1PGdRotRjfIQoOTIMeWlPO0RDecIp%2FfgibfNZuUJ%2B1EyR3%2F2aWSKlbmgILvK76Ova%2FA1oo8l0s7iandituAUnD2ZPDeQskbrDlMt8AEymwoiilw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=345600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ac66c58bd42d600-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 11 Nov 2021 09:31:41 GMT
GET DATA	200 OK	truncated /	451 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	500 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET H2	200	NeoSansArabic.woff livehd7.vip/wp-content/themes/YallaShoot/UI/fonts/	56 KB 56 KB	25ms 20ms	Font font/woff	2606:4700:3030::6815:1641 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://livehd7.vip/wp-content/themes/YallaShoot/UI/fonts/NeoSansArabic.woff Requested by Host: livehd7.vip URL: https://livehd7.vip/wp-content/themes/YallaShoot/style.css?1285358574 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1641 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6 Request headers Referer https://livehd7.vip/wp-content/themes/YallaShoot/style.css?1285358574 Origin https://livehd7.vip Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3687 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 57364 last-modified Mon, 04 Oct 2021 22:57:06 GMT server cloudflare etag "615b86c2-e014" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxbvbBxQ8MBEGvlmchrymI5iz7sANxS%2FA69WpWDS%2BGB5WxW8XMXShrScN6j2kndNBYuaIINuQ1JGJtAAzl4usVWTfllniHLD1IcTs16b95JJbfsz0iY9FzqmngAZBe5iPg0Ma1cyfESl8w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c584fd159e9-MXP
GET H2	200	pubads_impl_2021111001.js Show response securepubads.g.doubleclick.net/gpt/	342 KB 115 KB	19ms 15ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash 10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 117754 x-xss-protection 0 last-modified Wed, 10 Nov 2021 09:34:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 11 Nov 2021 09:16:41 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	66 B 95 B	33ms 16ms	XHR application/json	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=livehd7.vip Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash bc48ec6b76d6a64038d402c9d86ac158feb080c19203d812ed081a98988be707 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:41 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70 x-xss-protection 0 expires Thu, 11 Nov 2021 09:16:41 GMT
GET H2	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/	267 KB 96 KB	69ms 47ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.vip&bust=31063681 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1410072543553213 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fb94c266f9b7bdfcec7f2fcdb39082cb8ccbde9f45b58f102068196bb7478de2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 97992 x-xss-protection 0 server cafe etag 9027102883918313510 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 11 Nov 2021 09:16:41 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/ Frame 4886	11 KB 5 KB	32ms 7ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1410072543553213 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 10 Nov 2021 20:41:10 GMT expires Wed, 24 Nov 2021 20:41:10 GMT content-type text/html; charset=UTF-8 etag 4704609575283140419 x-content-type-options nosniff content-encoding gzip server cafe content-length 4891 x-xss-protection 0 age 45331 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	79 KB 27 KB	49ms 18ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: jscdn.greeter.me URL: https://jscdn.greeter.me/dynamicforall.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 67345f0c4d1527302f9c52a411cf952c7a284936ecda1fab99741947bcaad99e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1040 / 40 of 1000 / last-modified: 1636585547" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26970 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 11 Nov 2021 09:16:41 GMT
GET H2	200	adipolo_logo.png adipolo.com/wp-content/uploads/2020/06/	7 KB 8 KB	89ms 33ms	Image image/png	2606:4700:3037::ac43:81bf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:81bf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4635 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7068 last-modified Tue, 02 Jun 2020 09:04:16 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3H%2FT4kpvV2j2k%2Fqi%2B52Rj7TDRvvtBttQyqewjqyOQ%2BUT%2FVmaxz7fforo04guxU4jS7Te37QAW6eZkILS6S9lEU%2BXxJ2hPjOgPpTlpZyTTnm9Ih6ZmPBQd8Ng6vFzwzyON3EHKKhDZoqSA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 6ac66c59c9910e12-MXP
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	30ms 6ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-146139292-8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 4567 date Thu, 11 Nov 2021 08:00:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 11 Nov 2021 10:00:34 GMT
GET H2	200	pro-fa-brands-400-5.0.0.woff2 kit-pro.fontawesome.com/releases/v5.13.0/webfonts/	39 KB 40 KB	46ms 24ms	Font font/woff2	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit-pro.fontawesome.com/releases/v5.13.0/webfonts/pro-fa-brands-400-5.0.0.woff2 Requested by Host: kit-pro.fontawesome.com URL: https://kit-pro.fontawesome.com/releases/v5.13.0/css/pro.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 974a8c374ba235b2233498953d36e59fd68c1d67589289ae738801e9f4b28fab Request headers Referer https://kit-pro.fontawesome.com/releases/v5.13.0/css/pro.min.css Origin https://livehd7.vip Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 1455054 cf-ray 6ac66c59dca6c2b3-FRA content-length 39964 x-amz-id-2 W70ohixj0IWtK0d9ogsM/v7y7IU6dEuj04iJzmQZmhoXZqe739R/c1wh2/7Q5+9Hk5LtPaycVBE= last-modified Thu, 01 Jul 2021 19:45:58 GMT server cloudflare etag "2888fa8cc3f4d21872ecf996eab7a5c4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET x-amz-request-id 86WRNJ0485PQPABZ access-control-allow-origin * cache-control public, max-age=31556926 accept-ranges bytes content-type font/woff2 expires Fri, 11 Nov 2022 15:05:27 GMT
GET H2	200	pro-fa-brands-400-5.8.2.woff2 kit-pro.fontawesome.com/releases/v5.13.0/webfonts/	2 KB 3 KB	55ms 33ms	Font font/woff2	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit-pro.fontawesome.com/releases/v5.13.0/webfonts/pro-fa-brands-400-5.8.2.woff2 Requested by Host: kit-pro.fontawesome.com URL: https://kit-pro.fontawesome.com/releases/v5.13.0/css/pro.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38d4525609bbe431ff415b80d554023cb59129d1b27faf026a2039eee01f976a Request headers Referer https://kit-pro.fontawesome.com/releases/v5.13.0/css/pro.min.css Origin https://livehd7.vip Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 1135492 cf-ray 6ac66c59dca7c2b3-FRA content-length 2436 x-amz-id-2 o2IHGSUYY46Pq6DOju+FaeppPI9ETOEYb8MmkCx+lnD2Q+ApgsIg2WJxBZMVMb9g/7NLxJWrTfs= last-modified Thu, 01 Jul 2021 19:46:00 GMT server cloudflare etag "00b2cb5d0991003aed0400c860310c95" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET x-amz-request-id YMH5PGWVSYNNNF2K access-control-allow-origin * cache-control public, max-age=31556926 accept-ranges bytes content-type font/woff2 expires Fri, 11 Nov 2022 15:05:27 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 203 B	15ms 14ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=782446249&t=pageview&_s=1&dl=https%3A%2F%2Flivehd7.vip%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%A7%D8%B3%D8%B7%D9%88%D8%B1%D8%A9%20%D9%84%D8%A8%D8%AB%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%7C%20livehd7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=308920506&gjid=1464488662&cid=430927257.1636622202&tid=UA-146139292-8&_gid=1670921663.1636622202&_r=1&gtm=2oub80&z=1362119463 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://livehd7.vip cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	201 B 409 B	16ms 15ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=livehd7.vip&callback=_gfp_s_&client=ca-pub-1410072543553213 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.vip&bust=31063681 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash da2a67782c23a8cbbbf13f6dc7ad77e1ab5b14e18848f49948fa410a0a478aff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:41 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 193 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	40ms 17ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=livehd7.vip Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.vip&bust=31063681 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	44ms 20ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=livehd7.vip Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.vip&bust=31063681 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame B83A	0 188 B	50ms 49ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1410072543553213&output=html&adk=1812271804&adf=3025194257&lmt=1636620996&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flivehd7.vip%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636622201404&bpp=3&bdt=232&idt=175&shv=r20211108&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=487512089204&frm=20&pv=2&ga_vid=430927257.1636622202&ga_sid=1636622202&ga_hid=782446249&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754332%2C21066430%2C31062422%2C31063354%2C31063681&oid=2&pvsid=2060382054072818&pem=42&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=192 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.vip&bust=31063681 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Thu, 11 Nov 2021 09:16:42 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 11 Nov 2021 09:16:42 GMT cache-control private
GET H2	200	wrapper_hb_323303_12149.es6.js Show response player.adtelligent.com/prebidlink/454617/	72 KB 23 KB	35ms 7ms	Script application/javascript	213.174.135.1 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://player.adtelligent.com/prebidlink/454617/wrapper_hb_323303_12149.es6.js Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/wrapper_hb_323303_12149.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash ae63a3a3cba569cb4c941899834a2d425925e2386ab5b9c13ccb159d7330eb15 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip last-modified Wed, 10 Nov 2021 16:00:29 GMT server nginx/1.18.0 etag W/"618bec9d-1208a" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Thu, 11 Nov 2021 10:16:42 GMT cache-control max-age=3600 x-proxy-cache HIT
GET H2	200	config.json Show response player.adtelligent.com/exchange_rates/313490/	9 KB 4 KB	24ms 9ms	XHR application/json	213.174.135.1 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Flivehd7.vip%2F Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 00821e14a994d749df9b9314ecc946c9a950bf34bac4a5ab977e79e8522d219e Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip last-modified Thu, 11 Nov 2021 00:02:17 GMT server nginx/1.18.0 etag W/"618c5d89-2261" content-type application/json access-control-allow-origin https://livehd7.vip expires Thu, 11 Nov 2021 10:16:42 GMT cache-control max-age=3600 x-proxy-cache HIT
GET H/1.1	200 OK	/ Show response ghb.adtelligent.com/geo/	133 B 380 B	503ms 159ms	XHR application/json	209.58.175.20 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://ghb.adtelligent.com/geo/ Requested by Host: player.adtelligent.com URL: https://player.adtelligent.com/prebidlink/454617/wrapper_hb_323303_12149.es6.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software VertaMedia 1.0 / Resource Hash 0e2577dac57c5e0ba04a19612ede2ff4ce568da6b4a7e65e28145f06ba33c7f7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Access-Control-Allow-Origin https://livehd7.vip Date Thu, 11 Nov 2021 09:16:42 GMT Access-Control-Allow-Credentials true Server VertaMedia 1.0 Connection Keep-Alive Content-Length 133 Content-Type application/json
GET H/1.1	200 OK	tracking Show response ghb.adtelligent.com/adunit/	43 B 413 B	504ms 161ms	XHR image/gif	209.58.175.20 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=323303&site_id=12149&full_page_url=https%3A%2F%2Flivehd7.vip%2F&adid=uqlovh.j1&vpbv=N005&lifecycle_tte=639 Requested by Host: player.adtelligent.com URL: https://player.adtelligent.com/prebidlink/454617/wrapper_hb_323303_12149.es6.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software VertaMedia 1.0 / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Access-Control-Allow-Origin https://livehd7.vip Date Thu, 11 Nov 2021 09:16:42 GMT Access-Control-Allow-Credentials true Server VertaMedia 1.0 Connection Keep-Alive Content-Length 43 Content-Type image/gif
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	321ms 18ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=livehd7.vip Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	17ms 16ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=livehd7.vip Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	116 KB 32 KB	455ms 455ms	XHR text/plain	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2060382054072818&correlator=2278491634603483&output=ldjh&impl=fifs&eid=31063136%2C31063213%2C31063705%2C44754276&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=21633152309%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&eri=1&cookie=ID%3Da97417d6f5e5de4c-2252a2c450cb0030%3AT%3D1636622201%3ART%3D1636622201%3AS%3DALNI_MZD_MbKumfSk3ztRijEBRBBGR8MUQ&bc=31&abxe=1&lmt=1636620996&dt=1636622201680&dlt=1636622201171&idt=360&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=135115514&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flivehd7.vip%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=430927257.1636622202&ga_sid=1636622202&ga_hid=782446249&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash cc9508061f3c763c52499d9fd562911f8354b5bd1e78bde9ddf59ceddec5b42f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:42 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32473 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://livehd7.vip cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C8C	6 KB 4 KB	65ms 15ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:16:42 GMT expires Fri, 11 Nov 2022 09:16:42 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	pubads_impl_page_level_ads_2021111001.js Show response securepubads.g.doubleclick.net/gpt/	36 KB 13 KB	16ms 16ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021111001.js?cb=31063705 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash bfbea78c426825e6e56e322e4d1553d42613b699ab038fc717368f5808163109 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13477 x-xss-protection 0 last-modified Wed, 10 Nov 2021 09:34:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 11 Nov 2021 09:16:42 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	12 KB 9 KB	32ms 32ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211108&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.vip&bust=31063681 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 417bf9a1b78cd5a97077f8f486b64581fcd226fbcf82ecb4bba1bb64e2df2e65 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9332 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	144ms 115ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.vip&bust=31063681 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 11 Nov 2021 09:16:42 GMT
GET H2	200	container.html Show response 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA10	6 KB 3 KB	309ms 8ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:16:42 GMT expires Fri, 11 Nov 2022 09:16:42 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ROS Show response pbjs.e-planning.net/hb/1/2e43c/1/livehd7.vip/ Redirect Chain https://pbjs.e-planning.net/pbjs/1/2e43c/1/livehd7.vip/ROS?rnd=0.31507611623927567&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Flivehd7.vip%2F&pbv=5.20.0&ncb=1&vs=F&crs=UTF-8&fr... https://pbjs.e-planning.net/hb/1/2e43c/1/livehd7.vip/ROS?ct=1&r=pbjs&rnd=0.31507611623927567&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Flivehd7.vip%2F&pbv=5.20.0&ncb=1&vs=F&cr...	656 B 1 KB	17ms 17ms	XHR application/json	5.178.65.245 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://pbjs.e-planning.net/hb/1/2e43c/1/livehd7.vip/ROS?ct=1&r=pbjs&rnd=0.31507611623927567&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Flivehd7.vip%2F&pbv=5.20.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Flivehd7.vip%2F&e_pubcid=83563767-d077-4dae-b285-962540d4c62d Protocol H2 Server 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS ads.us.e-planning.net Software openresty / Resource Hash 790fba24911f4d1bfb255c29377cfd0d371a32197678b8cdba42c5a44492b77d Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:42 GMT server openresty p3p policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" access-control-allow-origin https://livehd7.vip expires Thu, 11 Nov 2021 09:16:42 GMT cache-control max-age=0, no-cache access-control-allow-credentials true content-type application/json content-length 656 x-sid AMS-607 Redirect headers date Thu, 11 Nov 2021 09:16:42 GMT server openresty access-control-allow-origin https://livehd7.vip p3p policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" location /hb/1/2e43c/1/livehd7.vip/ROS?ct=1&r=pbjs&rnd=0.31507611623927567&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Flivehd7.vip%2F&pbv=5.20.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Flivehd7.vip%2F&e_pubcid=83563767-d077-4dae-b285-962540d4c62d access-control-allow-credentials true content-type text/html; charset=iso-8859-1 x-sid AMS-607
POST H/1.1	200 OK	/ Show response ghb.adtelligent.com/v2/auction/	566 B 627 B	325ms 324ms	XHR application/json	209.58.175.20 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://ghb.adtelligent.com/v2/auction/ Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software VertaMedia 1.0 / Resource Hash 0d126c6158a325c2b974d9e5003b0d5fa29b6e5f921e3625ce5a78a3a72f4330 Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers Date Thu, 11 Nov 2021 09:16:42 GMT Content-Encoding gzip Server VertaMedia 1.0 Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://livehd7.vip Access-Control-Allow-Credentials true Connection Keep-Alive Content-Length 341
POST H2	200	hb Show response ssc.33across.com/api/v1/	65 B 294 B	132ms 103ms	XHR application/json	34.149.20.76 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2 Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 76.20.149.34.bc.googleusercontent.com Software / 33Across Resource Hash 1ff99146fc581120c17750ba550843c629764cdb8bbf71b1d1ed031e99906e53 Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip status 200 OK x-powered-by 33Across vary Accept-Encoding, Origin content-type application/json; charset=utf-8 access-control-allow-origin https://livehd7.vip access-control-allow-credentials true alt-svc clear via 1.1 google
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 367 B	39ms 13ms	XHR application/json	51.75.86.98 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.75.86.98 , France, ASN16276 (OVH, FR), Reverse DNS ip98.ip-51-75-86.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://livehd7.vip cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	145 B 1 KB	288ms 264ms	XHR application/json	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e8e474b4a1aa465a7587091410750147c147acac06ca3351f3fb7d8cc771b446 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:16:42 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 55f7333c-b0bc-4603-b5e8-0669fe30482c Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://livehd7.vip Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 145 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	c Show response prebid.a-mo.net/a/	0 375 B	400ms 201ms	XHR text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://livehd7.vip date Thu, 11 Nov 2021 09:16:42 GMT cache-control max-age=0, private, must-revalidate access-control-allow-credentials true server envoy x-envoy-upstream-service-time 108 vary origin, Accept-Encoding
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 367 B	37ms 15ms	XHR application/json	51.75.86.98 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.75.86.98 , France, ASN16276 (OVH, FR), Reverse DNS ip98.ip-51-75-86.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://livehd7.vip cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H2	204	bids Show response prebid-eu.creativecdn.com/bidder/prebid/	0 173 B	52ms 16ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://livehd7.vip date Thu, 11 Nov 2021 09:16:42 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H/1.1	200 OK	bid Show response ap.lijit.com/rtb/	24 B 516 B	54ms 16ms	XHR application/json	72.251.249.14 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.20.0 Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software / Resource Hash 0eb6371e9006792ce0f58b19ae6307bbf32c88dad51418d423d1920bcbf4329b Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers Date Thu, 11 Nov 2021 09:16:42 GMT Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://livehd7.vip Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap1ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 24
GET H/1.1	200 OK	csyncs Show response ghb.adtelligent.com/	572 B 612 B	463ms 161ms	XHR application/json	209.58.175.20 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://ghb.adtelligent.com/csyncs?aid1=664110&aid2=664111&aid3=undefined Requested by Host: player.adtelligent.com URL: https://player.adtelligent.com/prebidlink/454617/wrapper_hb_323303_12149.es6.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software VertaMedia 1.0 / Resource Hash 5aadedecf1dcbff2eb2aa1d35f53564dd8b2d50f23146cfcfe2d4278f0b7adae Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 09:16:42 GMT Content-Encoding gzip Server VertaMedia 1.0 Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://livehd7.vip Access-Control-Allow-Credentials true Connection Keep-Alive Content-Length 326
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1A7A	12 KB 5 KB	309ms 7ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Thu, 11 Nov 2021 08:18:10 GMT expires Fri, 11 Nov 2022 08:18:10 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 3512 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 177F	783 B 1 KB	38ms 17ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c0dde4fc18a5ae6a8b62b8508d2639fcae691cc349e49c4c9c9bf99705fa621f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-wPOr62T7sPURnzUd+pwTjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Thu, 11 Nov 2021 09:16:42 GMT date Thu, 11 Nov 2021 09:16:42 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-wPOr62T7sPURnzUd+pwTjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	204	sodar pagead2.googlesyndication.com/pagead/ Frame 177F	0 0	55ms 55ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211108&jk=2060382054072818&rc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	css2 fonts.googleapis.com/ Frame CA10	4 KB 706 B	42ms 18ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 08:01:40 GMT server ESF date Thu, 11 Nov 2021 09:16:42 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:16:42 GMT
GET H2	200	css fonts.googleapis.com/ Frame 047F	3 KB 1 KB	23ms 16ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 07:56:01 GMT server ESF date Thu, 11 Nov 2021 09:16:42 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:16:42 GMT
GET H2	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 047F	1 KB 1 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:08:05 GMT content-encoding gzip x-content-type-options nosniff age 517 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 853 x-xss-protection 0 server cafe etag 7170004918125193417 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:08:05 GMT
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 047F	19 KB 8 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:13:00 GMT content-encoding gzip x-content-type-options nosniff age 222 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7878 x-xss-protection 0 server cafe etag 10809069374711699201 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:13:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 047F	2 KB 1 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:15:11 GMT content-encoding gzip x-content-type-options nosniff age 91 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1337 x-xss-protection 0 server cafe etag 17605089983984592854 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:15:11 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 047F	119 KB 37 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 11 Nov 2021 09:16:42 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 047F	15 KB 6 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:13:38 GMT content-encoding gzip x-content-type-options nosniff age 184 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6461 x-xss-protection 0 server cafe etag 1157727964977547826 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:13:38 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 047F	0 0	16ms 15ms	Image text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwyRZ8M2z1QtVhRXMjxTR-n62EUvC8sOaqI8oGYcNRoX-oifvz7DCHY_bT-Q6Lsf_ZwnMlZKUV3HZm44b2imZZ20Z88w Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	c5d443f94f59031b290788a54ae3dbc2.js Show response www.gstatic.com/mysidia/ Frame 047F	27 KB 12 KB	36ms 8ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 00:41:01 GMT content-encoding gzip x-content-type-options nosniff age 117341 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11508 x-xss-protection 0 last-modified Tue, 09 Nov 2021 03:19:27 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 08 Feb 2022 00:41:01 GMT
GET H2	200	interstitial_ad_frame_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame CA10	18 KB 8 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/interstitial_ad_frame_fy2019.js Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad286edc01d412b681126058e8943593d32b62b8dbacd2c901d9ee02cc2653b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 08:47:59 GMT content-encoding gzip x-content-type-options nosniff age 1723 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8114 x-xss-protection 0 server cafe etag 920690405916455778 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 08:47:59 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame CA10	205 B 520 B	33ms 10ms	Image image/png	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 11:58:46 GMT x-content-type-options nosniff age 249476 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 08 Nov 2022 11:58:46 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame CA10	604 B 694 B	33ms 11ms	Image image/png	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 08:16:56 GMT x-content-type-options nosniff age 3586 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 11 Nov 2022 08:16:56 GMT
GET H2	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame FFF0	143 B 222 B	7ms 7ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 11 Nov 2021 08:37:38 GMT server cafe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 2344 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame FDB1	1 KB 845 B	7ms 7ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 10 Nov 2021 18:26:41 GMT expires Thu, 11 Nov 2021 18:26:41 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 53401 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame 1A7A	35 KB 14 KB	10ms 8ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 12:16:50 GMT content-encoding br x-content-type-options nosniff age 75592 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 10 Nov 2022 12:16:50 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	18ms 17ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=livehd7.vip Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:43 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	18ms 18ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=livehd7.vip Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:43 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	15 KB 8 KB	424ms 424ms	XHR text/plain	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2060382054072818&correlator=3807495466963180&output=ldjh&impl=fifs&eid=31063136%2C31063213%2C31063705%2C44754276&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=96374338%2Capllinkedtags%2Csticky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C320x50%7C320x100&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3Da97417d6f5e5de4c%3AT%3D1636622201%3AS%3DALNI_MbD6HxHrva5rY_MKezi3H2URadocA&bc=31&abxe=1&lmt=1636620996&dt=1636622202616&dlt=1636622201171&idt=360&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1150&adks=3569025641&ucis=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flivehd7.vip%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=430927257.1636622202&ga_sid=1636622202&ga_hid=782446249&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 88750a1cc1b44bff62dc972942932a54b7aea39e8b6b7ecafeee73807a6d54dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:43 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8608 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://livehd7.vip cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame FDB1	35 B 464 B	36ms 9ms	Image image/gif	2620:116:800d:21:5a23:9c4e:e774:96c1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL4y1bUpqy2x77CiPPkZkjs&google_cver=1&google_push=AYg5qPKeUumHWZMNBMnUROCKJx70Pka7Kb7L3DQOtCVSz8mRnbR6pBbvYLiDW0Ihi5Ke4bzabrkMJf_3ZRhC6W6FCf0lXOW17w Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame FDB1 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aW5oWGZpTzIxTUw2Y2o1&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPLs58jjKnfTmm9sWp7e33nEK95WnWMbY2Bw5BPkVWb...	170 B 188 B	39ms 25ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aW5oWGZpTzIxTUw2Y2o1&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPLs58jjKnfTmm9sWp7e33nEK95WnWMbY2Bw5BPkVWb5wAhW-jwOJ10WZSgKO0ybI-MVVyZefTq9vp-i_0_UjxmFuKQHjjA Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 11 Nov 2021 09:16:42 GMT Server PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=2592000; includeSubDomains P3P policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI" Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aW5oWGZpTzIxTUw2Y2o1&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPLs58jjKnfTmm9sWp7e33nEK95WnWMbY2Bw5BPkVWb5wAhW-jwOJ10WZSgKO0ybI-MVVyZefTq9vp-i_0_UjxmFuKQHjjA Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame FDB1 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN9MXK1Y4MXLO9ljrSI1GS0&google_cver=1&google_push=AYg5qPJWR1FLlfi5BwK5R7Arqelh1qJuRJdKFI1JXk3cOKkWArH3McVrI4JjBG4MMlL7Gs1c9OCtl-Ta1z2dV-1NXHg588hrEw https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJWR1FLlfi5BwK5R7Arqelh1qJuRJdKFI1JXk3cOKkWArH3McVrI4JjBG4MMlL7Gs1c9OCtl-Ta1z2dV-1NXHg588hrEw&google_hm=MTg2OTU0Nzk5Mjk3MDE4NjI%3D	170 B 188 B	24ms 24ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJWR1FLlfi5BwK5R7Arqelh1qJuRJdKFI1JXk3cOKkWArH3McVrI4JjBG4MMlL7Gs1c9OCtl-Ta1z2dV-1NXHg588hrEw&google_hm=MTg2OTU0Nzk5Mjk3MDE4NjI%3D Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 11 Nov 2021 09:16:43 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJWR1FLlfi5BwK5R7Arqelh1qJuRJdKFI1JXk3cOKkWArH3McVrI4JjBG4MMlL7Gs1c9OCtl-Ta1z2dV-1NXHg588hrEw&google_hm=MTg2OTU0Nzk5Mjk3MDE4NjI%3D x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff
GET		pixel cm.g.doubleclick.net/ Frame FDB1 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAY...	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame FDB1 Redirect Chain https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED... https://sync.targeting.unrulymedia.com/csync/RX-ac0c83c9-4c8f-46e5-95fa-a62671373d12-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLuBZi7VMvyrWXAFhlgH... https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLuBZi7VMvyrWXAFhlgHs8AjmjLTDm294Oe3r_U4G91-LtkF1HGxUgo3ekC4_ogUrwpPZUZoe_HWFVIzky8KIb_V5qiY1Q&google_hm=A6wMg8lMj0bllfqmJnE3PRI	170 B 188 B	18ms 17ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLuBZi7VMvyrWXAFhlgHs8AjmjLTDm294Oe3r_U4G91-LtkF1HGxUgo3ekC4_ogUrwpPZUZoe_HWFVIzky8KIb_V5qiY1Q&google_hm=A6wMg8lMj0bllfqmJnE3PRI Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLuBZi7VMvyrWXAFhlgHs8AjmjLTDm294Oe3r_U4G91-LtkF1HGxUgo3ekC4_ogUrwpPZUZoe_HWFVIzky8KIb_V5qiY1Q&google_hm=A6wMg8lMj0bllfqmJnE3PRI date Thu, 11 Nov 2021 09:16:43 GMT server Tengine p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RXac0c83c94c8f46e595faa62671373d12003 content-type text/html
GET H3	200	pixel cm.g.doubleclick.net/ Frame FDB1 Redirect Chain https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOl-Mm4Z9NqKG4hCkyAIbtw&google_cver=1&google_push=AYg5qPLCWwyDxZ0T_cFShlliLXJ-4vVHAgK0JKmOJij8nAWnJD9YMBSkvbiRJPO1cHqJnVoxXFR1o7xc2Q84RzaPAckPrX8_iDE https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLCWwyDxZ0T_cFShlliLXJ-4vVHAgK0JKmOJij8nAWnJD9YMBSkvbiRJPO1cHqJnVoxXFR1o7xc2Q84RzaPAckPrX8_iDE&googl... https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ3NjAyNDg5OTc5NTMyNDczNQ%3D%3D&google_push=AYg5qPLCWwyDxZ0T_cFShlliLXJ-4vVHAgK0JKmOJij8nAWnJD9YMBSkvbiR...	170 B 188 B	41ms 26ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ3NjAyNDg5OTc5NTMyNDczNQ%3D%3D&google_push=AYg5qPLCWwyDxZ0T_cFShlliLXJ-4vVHAgK0JKmOJij8nAWnJD9YMBSkvbiRJPO1cHqJnVoxXFR1o7xc2Q84RzaPAckPrX8_iDE Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ3NjAyNDg5OTc5NTMyNDczNQ%3D%3D&google_push=AYg5qPLCWwyDxZ0T_cFShlliLXJ-4vVHAgK0JKmOJij8nAWnJD9YMBSkvbiRJPO1cHqJnVoxXFR1o7xc2Q84RzaPAckPrX8_iDE date Thu, 11 Nov 2021 09:16:43 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	dot.gif s0.2mdn.net/ Frame FDB1	43 B 577 B	46ms 17ms	Image image/gif	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESEMSYJxzgCHNqG4rTy3VC3K8&google_cver=1&google_push=AYg5qPL3gxNYCMAxyWepzpYsMOmYLc9ocSVd3ShWQGiHiQ-XcN7lQnz4S6gq0dCu1Sy_V1aFeEInPbKVIJl6oiw0EubxYA2_yj-V Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:43 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 12 Nov 2021 09:16:43 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame FDB1	0 223 B	43ms 15ms	Image text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQm3EnGuSnXTBRR1ahRi0fjQyybWCfGrb0iIiFby6EloXSplqUexKZritYI55almZqe6OoVA Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame FFF0 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 158 B	112ms 112ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Thu, 11 Nov 2021 09:16:43 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 11 Nov 2021 09:16:43 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Thu, 11 Nov 2021 09:16:43 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET		csync sync.adtelligent.com/ Frame 08BB Redirect Chain https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c342ab72-b0f3-4231-8c4e-48b3510c58f1	0 0
GET		csync sync.adtelligent.com/	0 0
GET H2	204	match dm.hybrid.ai/	0 238 B	180ms 58ms	Image text/plain	37.18.16.23 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin * cache-control no-cache, no-store x-mode 113 x-xss-protection 1; mode=block expires -1
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 119 B	44ms 43ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211108&jk=2060382054072818&bg=!qqmlqe3NAAYDGbPvAxk7ACkAdvg8WrBD0l_iIQQjIj5zonhNqniTmkmwBQcu3kzboqiWoMoQu8JC_QIAAABoUgAAAAtoAQcKAEE8Ol9jcSpSOorceFhMqaFbR6hQc5M7pIB_V5oWhRriCYdFnwuEG1M75rNU8i5jyzO0NM0DtnexHgzr9dOl4d-K8ZkCoRCjb36LzHgPO6gAkfgy4giCQnqWZCK3ACEGeOAdLOH2hv2DeN8zvTnB_GuQqnokS4cWxh4fsCWS1gW_Qz5zT2P88zSU7rVzq8IW5k2P5J_GKDykpy5ZBgK_tyIHhGmHsfo3uIHpjfQy0J2rZLibbtpmGSuY8IQJvPepQfjPSlMmPfvzt29cN8c2xEJkri6temneWOTvQkKnp9G4A5U5Te2EATQsLPngOBkZ1Qlzi0HePrqyOaqig_V4n_ooNWVQpvWUw8JxF_KofCp7qGRdgSPCfrEzCFtUoXJ5DJx4LBnyN0V9vHrAw9pVu19t36rGGYnEFeA15_-kH-hQQLFcYVPwrIApJ3PYrn0dxobt1zjiGihdM9X1nPMG_2DlOO0lz00zhHDKTBhJU3DZ56acJRLAqhN2RdU9sSHSCEb755LnL3gqxrNv_NFb4BGNkxTWVj75ghftB5gxa9moBHx8LJsQp8Bvfn6Pijk0gRfhqm43YJcgMgedhnaSRqVOwnmKgsaFDTE1m8rR5h0Xe-q8zhuKLgLPGbiUugJvYBXVYErOw_uPmC44G1QfLp3WtjyAItVxHNgm1yvprT6V_pfohALikYDsVDNz4LO2Us068b59HO0ESiI-qkJVYT5wieKLS2q8BGxAi_brsx6HhIQIQVJO_F6nCHYcQDPYQwg-CM4LxbNywr1tCql4NBh9NCPLcaqy6gUz2DHKWoy12Zte1DCZn-rVsu4wwsNrN1Fmf0VVT94bHCe7XjoObRcucZt1zOoX6F3DOlQR7-N4mbby8PIs-sWmOPa0Yqc-GTSNvu3Fu2_uuhAonjzt1iwg-kOFVzZxqmt23UcDefyQtTQL5EQ8EYl0NpapmNgcs_JfEyDIARL4FpdVxG4hGyrfhX65u3I Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B209	6 KB 3 KB	7ms 7ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:16:42 GMT expires Fri, 11 Nov 2022 09:16:42 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame EE38	624 B 344 B	18ms 18ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjV3L-6ATAB&v=APEucNWolDokb1fnWl_s4xZ8Aa7pJkYYclp0xyc1wiZAO2xcE32zrthQSTUOWVoFM2VtT3owpZUT9zEOA6efOcMyG-qVj_4W547eSC2J5-UJDs7XJLzlE1K_bYd5qSR7t0OxRjlQKHTYu04pbFn-f7g3OLWhwH4bq8ZVUT0I_KLmhkC1HVXQyTk Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 11 Nov 2021 09:16:43 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame B209	72 KB 31 KB	44ms 44ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuK8zZnU8BvsKEuWMJhsCDd5H2VslrzSTXCLxPHucMdCDtDsB0SeNsbJDfjc9sLjTchkVElPArB-XwD6UdQMl8lJju3x5kxR6ZMqr_y7vFnYORWUVFLsAHBRwksDlRAJgInXzTawbKYtYK94TexhHOMkVNEQ&dbm_d=AKAmf-DQ2JG8jcUfUVjVkhfYCSHhf1gJUXjVriy7rT7_GhMxOskr4vx5jjR9YyBQETcv9WllcwP9CQfdvScfOAN4cqRmQ1mvyOYSOLkIk-vEB3TSDOShl5vB6homSVv6e9eOQIaAjakaeZszJlx0QNrjmPpZHxCWIAM7UkPcruNW_Fj-pHphr6mKXEqMzh3OAgfHcY4Oyoe0ITFbkVtjxr9cdjaQlBM0Xq637T62YQZILsN1vTWgbLCs19Pgq9jBwnX3-jNJg0n30TyJpmF3vq901TKDkRnwW83kpIwryGe5jjrFosye2UYnAPdVpj8F51DF29cR6_-GKNTOqC9zJKD4-ylE1LvYW9fIyXZ0Kg_2tWWOztpieSiMijkQwM6wWOyuz3bBpooP4vF7iy-sNep1Y5Ie6gK5i3WlC19fTotTvpuz3dy2KtQKVvap6YkLUp0s48P6YU-cJfXaXkhgaKCV-uLQQ1hkSdWPqPF6Fffr3_qjNy-gxQNaF-u_Inxk5LPiHGBg8IBALEa3kIFpV5DLB51QnnW1Bh03D0qQX7QjzqGsDR_T3_9RYyUwSCvVs3qz2RWnUbcE49Q7MD4UNtXBW06MHYDu-Z-m3ynUHvQ4FrHQOKGp3a0vJn2salyXHoGiCCETwTlrpoH0rP5prAIVWjZQ8O6L0atSe3y0BdpgLu4UQbor3qpe1VDwuSEpfyPvAcrwp3IkcBAAJHA0Xcx2MFTudLaH6gIl_WkeUlmH1d3ps_9ITFpt36sTAaFEshtUE406fAxBX2yVnKElUzNXhnJ6w-c1CLUeAR9bECutLsVdMYZoIaeMCrao5ois3SYyZ6Xfpq6JKzKtYtSE9DT0JYT9988tB6HSasC9UVBx512L0cjiJG_pcxzmAd8-PBiwJLd0R4bJMfK89RzfE04WxMq2L5UPuKmtXedYMAskDUbyx4an_w2nma7G75PFUm1otZ0ViY3UHmtZ0Sns27tzOZdHVejeMdcR0HCApO82ULkzpT3MFjS1vGbUJfReMi6vJZAhrtuUF7FdmOD0VUiqX21IU5TY7CI53b3otb9IfyZfCrw2SelJbyt93iWI7Q-uYzycVg-WIMPXAghdMWqK_kFVNgA1_ihqlpv9xkAFv2DzT36fMl5GLcQfLvXuB2q6W3j7kmxB_hci-dBNkZU30hykoSlnmU1ZmfuWlJzTN2Mv47q1kUYN41j6dhFBbRFfrFC3gbVVq7Pze_RICBL1Cbl1ejj4PxCwbR6FTryOgS3ygsEpu_1B7Iw8SRrr60unPLFmUzdOMpL8cwqWx2KXlKZRmEGV3T64F1oMW1yd2sr3nz_yR3t_3n9_CLQtXwaSprt71T5vy9sX_dj2wY7l6qq-bOfE7noDDrgbRWUyAIUt66LNrAakWLaIMHBC-S-Dm5OK2-FFTAql6SxT3SeRrBNGXStLBOyLONpNC4Xs72bWWt5uhWEH3XUjNCxtbVNvzbvTFHPAAeMzkAEWBD3RErZFzk_OqEuUzNv5k7PPOJlmFfnLusdN8yE2lD716bmGg3cxZeXnfU879EscYeD5yOoAQMP0fZGNKOuQYSft5t6itr9a0aLKKj-XIfUzsUa9ZfM9BW_h4l6fKecVjZBr1Zm9YOBpHA7yB9XfdLXyM38SRo4x2F2xCcvLi9FjKxxZZLvxSf5CgMM3Sf-yV7wPSpF46POLRQB0BNnIDenSHh5WNSJp24UYz1h2a0ocLFkHTXFNE8oFrFXzM3RjMT3IEWqPNze3tfCvp9APD1AVKjN4uvUvgcTCxVeKaYs0t-YNylsrP_WtxK0CQn6SNvAsardH5WTvqHm94S92QwE7Bc6eNnWcjm3gzBUdhVkNAzfSSD2ZVg1W2NI4dskkvZhkQFTApXIx_40sN3VwF2W5ZFsJ3yViryy2Rst1qAQp6W-8QoXd5dltUYlrrW3lVJGuhZvKR-OzGnrZSvGwig9K25Ph1LGDqzYlfe3QeqDdzG7h2zlFg1WHccvSd478FrP20Ev8q3l1Mcl4JyglHPV7ryWRhKqL1OCSTXemdRD45GJ-teA2yUJr7sJX8h7-Z6zZL9k4u5gkVaz-FmtT1S9D83kiK75RZTegQi0n9WNmfmLyTyR_9q6x7NTlU7tDcIRcR2Y93JwHcNgVLEGUAl1SszzLwY8Zxl6kz7Q5PyJDADdf2P6ch3A0F1XxUC1XM8xpN8G0YRS-wC_Fyybd1VPNZcUswfigpMxZaLRemTUKTFWAYK1n_5rpK9soCyBUBjGzTnKt5lx12BEh_TM0g8lIqQhbDYOcUsfxw-G3IcGPkafOLLH1H57ySEAMbT1kibFaIgqFOA9QIZzD6vSdgYtT0ySqtrK5aASpLcNj7WWScyeXoZl6iY5PRf_z7NkeSZJw0SgQXfwiG5GMqGW8fCVVuMI__kuIr0avxG-9sDm_QhJtQqL6QQR38UyWdhSf0d9Gb47gm2-gRfSJ24Bg2KO8xYhkdiUS8hbEs14EPgQB6apGioxXBwjwobzpkzAblEoTAQMgj-n6GjBWdgfz9w6r-FDo3tyiIleJxvYb6TpEfBXgftWHbLnt3s8Q7QOLsh8400UbBF4rH13PIHSN2JiQDnf0T02bKW1EZ2OYTN_2iV35V4Drb1rnfqs65OqobiwDUAfgxpB_OQAxje6W7XoF4B7qIP6PVPCrR7ZKePZlwjjD0tPFjdT20kIl76VaT0EaNECkqYH1cR5cA0QDRIJF17snts3VZQ1GVMWcBWmyOTiq4h4_gPZyzxdmvA04993kNpNK_LnRC7Ep9BK22yvDm0eJNymwlDyWtDAWPbxTp8nQRGAebOLU9fXeBTZuB_b2cvQVimwYQlTUUd0yUzjJfDPGvjsuUSpZdj0IcRd_dCcCPlDJraag2DoReTBy7Yi9WILEKmpBeuwVY4jr1LMoncFajM8RdENpBfBURXA838K53EjNqMSmUG3twQbbObF5qvPJ-MZBN8CKDfRK_zakkCBB-4MBpZORxeP0Q8P_B9h9ULp61XE3UfqQMeo-nspmik4V8IjVOQIZLyg2ogY3TxMfg156Ld-JT20Ws0GB_amHHGb94xOYFAogmrulqxzqaEioPKXZ6BuSaYCXde7D15AB3uFyBIcVQUpWih4GdUrJvO1ip6238aBNwQipMwFk6gWLmKnSAA&cid=CAASEuRox9ymb-FflZTu1Tq5pH_jww&rfl=1%2Chttps%253A%252F%252Flivehd7.vip%252F%240 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5512fb6489eeb95a0a805fa4a9349ced39934b0187f614ecd876050b12b08e11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31214 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame B209	42 B 110 B	43ms 42ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BCalK8qX3EGakV2E72XuLL1UBPO34koJa2qXVIAaE4xqRBSM628n3y2CLfQmyQkteJaOTV8OEuN3HQg2NjIzs0Wh--MwSev7rzo3tMZvYsUuWyEkI Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame B209	2 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:15:11 GMT content-encoding gzip x-content-type-options nosniff age 92 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1337 x-xss-protection 0 server cafe etag 17605089983984592854 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:15:11 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B209	119 KB 36 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:43 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 11 Nov 2021 09:16:43 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame B209	15 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:13:38 GMT content-encoding gzip x-content-type-options nosniff age 185 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6461 x-xss-protection 0 server cafe etag 1157727964977547826 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:13:38 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame B209	0 0	14ms 14ms	Image text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBcYmbck53a1l1z0kraJIy1niPfRxsYM21iPVl_jlUJyGP_7DW_JpDq0CNImE0lHJBk_pAj6-tnfSmJGatqlCN1HPrUg Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame EE38 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHZaFJ86__h35Pz_wrRrHTc&google_cver=1	43 B 894 B	78ms 37ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHZaFJ86__h35Pz_wrRrHTc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjV3L-6ATAB&v=APEucNWolDokb1fnWl_s4xZ8Aa7pJkYYclp0xyc1wiZAO2xcE32zrthQSTUOWVoFM2VtT3owpZUT9zEOA6efOcMyG-qVj_4W547eSC2J5-UJDs7XJLzlE1K_bYd5qSR7t0OxRjlQKHTYu04pbFn-f7g3OLWhwH4bq8ZVUT0I_KLmhkC1HVXQyTk Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:16:43 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:16:43 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHZaFJ86__h35Pz_wrRrHTc&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame EE38 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzfe7TxljIHqFA6n-QHzgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHZaFJ86__h35Pz_wrRrHTc&google_cver=1	43 B 894 B	25ms 25ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHZaFJ86__h35Pz_wrRrHTc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjV3L-6ATAB&v=APEucNWolDokb1fnWl_s4xZ8Aa7pJkYYclp0xyc1wiZAO2xcE32zrthQSTUOWVoFM2VtT3owpZUT9zEOA6efOcMyG-qVj_4W547eSC2J5-UJDs7XJLzlE1K_bYd5qSR7t0OxRjlQKHTYu04pbFn-f7g3OLWhwH4bq8ZVUT0I_KLmhkC1HVXQyTk Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:16:43 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:16:43 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHZaFJ86__h35Pz_wrRrHTc&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame EE38 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEGFTn7V6C8nznS7rc0t4V3c&google_cver=1	43 B 1004 B	9ms 8ms	Image image/gif	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEGFTn7V6C8nznS7rc0t4V3c&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjV3L-6ATAB&v=APEucNWolDokb1fnWl_s4xZ8Aa7pJkYYclp0xyc1wiZAO2xcE32zrthQSTUOWVoFM2VtT3owpZUT9zEOA6efOcMyG-qVj_4W547eSC2J5-UJDs7XJLzlE1K_bYd5qSR7t0OxRjlQKHTYu04pbFn-f7g3OLWhwH4bq8ZVUT0I_KLmhkC1HVXQyTk Protocol HTTP/1.1 Server 37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:16:43 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 02d97db7-9202-4ec7-ba33-a995ce0c3e75 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEGFTn7V6C8nznS7rc0t4V3c&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame EE38 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQyMTIwOTQxMjcyNjkzMTA0NQ%3D%3D	170 B 188 B	27ms 27ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQyMTIwOTQxMjcyNjkzMTA0NQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjV3L-6ATAB&v=APEucNWolDokb1fnWl_s4xZ8Aa7pJkYYclp0xyc1wiZAO2xcE32zrthQSTUOWVoFM2VtT3owpZUT9zEOA6efOcMyG-qVj_4W547eSC2J5-UJDs7XJLzlE1K_bYd5qSR7t0OxRjlQKHTYu04pbFn-f7g3OLWhwH4bq8ZVUT0I_KLmhkC1HVXQyTk Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 11 Nov 2021 09:16:43 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 01a5230a-1afb-4fb4-9087-52b0ccb2eaad Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQyMTIwOTQxMjcyNjkzMTA0NQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame B209	169 KB 59 KB	336ms 11ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Origin https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 00:41:16 GMT content-encoding gzip x-content-type-options nosniff age 30927 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60173 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:51 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 12 Nov 2021 00:41:16 GMT
GET H2	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame B209	8 KB 3 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuK8zZnU8BvsKEuWMJhsCDd5H2VslrzSTXCLxPHucMdCDtDsB0SeNsbJDfjc9sLjTchkVElPArB-XwD6UdQMl8lJju3x5kxR6ZMqr_y7vFnYORWUVFLsAHBRwksDlRAJgInXzTawbKYtYK94TexhHOMkVNEQ&dbm_d=AKAmf-DQ2JG8jcUfUVjVkhfYCSHhf1gJUXjVriy7rT7_GhMxOskr4vx5jjR9YyBQETcv9WllcwP9CQfdvScfOAN4cqRmQ1mvyOYSOLkIk-vEB3TSDOShl5vB6homSVv6e9eOQIaAjakaeZszJlx0QNrjmPpZHxCWIAM7UkPcruNW_Fj-pHphr6mKXEqMzh3OAgfHcY4Oyoe0ITFbkVtjxr9cdjaQlBM0Xq637T62YQZILsN1vTWgbLCs19Pgq9jBwnX3-jNJg0n30TyJpmF3vq901TKDkRnwW83kpIwryGe5jjrFosye2UYnAPdVpj8F51DF29cR6_-GKNTOqC9zJKD4-ylE1LvYW9fIyXZ0Kg_2tWWOztpieSiMijkQwM6wWOyuz3bBpooP4vF7iy-sNep1Y5Ie6gK5i3WlC19fTotTvpuz3dy2KtQKVvap6YkLUp0s48P6YU-cJfXaXkhgaKCV-uLQQ1hkSdWPqPF6Fffr3_qjNy-gxQNaF-u_Inxk5LPiHGBg8IBALEa3kIFpV5DLB51QnnW1Bh03D0qQX7QjzqGsDR_T3_9RYyUwSCvVs3qz2RWnUbcE49Q7MD4UNtXBW06MHYDu-Z-m3ynUHvQ4FrHQOKGp3a0vJn2salyXHoGiCCETwTlrpoH0rP5prAIVWjZQ8O6L0atSe3y0BdpgLu4UQbor3qpe1VDwuSEpfyPvAcrwp3IkcBAAJHA0Xcx2MFTudLaH6gIl_WkeUlmH1d3ps_9ITFpt36sTAaFEshtUE406fAxBX2yVnKElUzNXhnJ6w-c1CLUeAR9bECutLsVdMYZoIaeMCrao5ois3SYyZ6Xfpq6JKzKtYtSE9DT0JYT9988tB6HSasC9UVBx512L0cjiJG_pcxzmAd8-PBiwJLd0R4bJMfK89RzfE04WxMq2L5UPuKmtXedYMAskDUbyx4an_w2nma7G75PFUm1otZ0ViY3UHmtZ0Sns27tzOZdHVejeMdcR0HCApO82ULkzpT3MFjS1vGbUJfReMi6vJZAhrtuUF7FdmOD0VUiqX21IU5TY7CI53b3otb9IfyZfCrw2SelJbyt93iWI7Q-uYzycVg-WIMPXAghdMWqK_kFVNgA1_ihqlpv9xkAFv2DzT36fMl5GLcQfLvXuB2q6W3j7kmxB_hci-dBNkZU30hykoSlnmU1ZmfuWlJzTN2Mv47q1kUYN41j6dhFBbRFfrFC3gbVVq7Pze_RICBL1Cbl1ejj4PxCwbR6FTryOgS3ygsEpu_1B7Iw8SRrr60unPLFmUzdOMpL8cwqWx2KXlKZRmEGV3T64F1oMW1yd2sr3nz_yR3t_3n9_CLQtXwaSprt71T5vy9sX_dj2wY7l6qq-bOfE7noDDrgbRWUyAIUt66LNrAakWLaIMHBC-S-Dm5OK2-FFTAql6SxT3SeRrBNGXStLBOyLONpNC4Xs72bWWt5uhWEH3XUjNCxtbVNvzbvTFHPAAeMzkAEWBD3RErZFzk_OqEuUzNv5k7PPOJlmFfnLusdN8yE2lD716bmGg3cxZeXnfU879EscYeD5yOoAQMP0fZGNKOuQYSft5t6itr9a0aLKKj-XIfUzsUa9ZfM9BW_h4l6fKecVjZBr1Zm9YOBpHA7yB9XfdLXyM38SRo4x2F2xCcvLi9FjKxxZZLvxSf5CgMM3Sf-yV7wPSpF46POLRQB0BNnIDenSHh5WNSJp24UYz1h2a0ocLFkHTXFNE8oFrFXzM3RjMT3IEWqPNze3tfCvp9APD1AVKjN4uvUvgcTCxVeKaYs0t-YNylsrP_WtxK0CQn6SNvAsardH5WTvqHm94S92QwE7Bc6eNnWcjm3gzBUdhVkNAzfSSD2ZVg1W2NI4dskkvZhkQFTApXIx_40sN3VwF2W5ZFsJ3yViryy2Rst1qAQp6W-8QoXd5dltUYlrrW3lVJGuhZvKR-OzGnrZSvGwig9K25Ph1LGDqzYlfe3QeqDdzG7h2zlFg1WHccvSd478FrP20Ev8q3l1Mcl4JyglHPV7ryWRhKqL1OCSTXemdRD45GJ-teA2yUJr7sJX8h7-Z6zZL9k4u5gkVaz-FmtT1S9D83kiK75RZTegQi0n9WNmfmLyTyR_9q6x7NTlU7tDcIRcR2Y93JwHcNgVLEGUAl1SszzLwY8Zxl6kz7Q5PyJDADdf2P6ch3A0F1XxUC1XM8xpN8G0YRS-wC_Fyybd1VPNZcUswfigpMxZaLRemTUKTFWAYK1n_5rpK9soCyBUBjGzTnKt5lx12BEh_TM0g8lIqQhbDYOcUsfxw-G3IcGPkafOLLH1H57ySEAMbT1kibFaIgqFOA9QIZzD6vSdgYtT0ySqtrK5aASpLcNj7WWScyeXoZl6iY5PRf_z7NkeSZJw0SgQXfwiG5GMqGW8fCVVuMI__kuIr0avxG-9sDm_QhJtQqL6QQR38UyWdhSf0d9Gb47gm2-gRfSJ24Bg2KO8xYhkdiUS8hbEs14EPgQB6apGioxXBwjwobzpkzAblEoTAQMgj-n6GjBWdgfz9w6r-FDo3tyiIleJxvYb6TpEfBXgftWHbLnt3s8Q7QOLsh8400UbBF4rH13PIHSN2JiQDnf0T02bKW1EZ2OYTN_2iV35V4Drb1rnfqs65OqobiwDUAfgxpB_OQAxje6W7XoF4B7qIP6PVPCrR7ZKePZlwjjD0tPFjdT20kIl76VaT0EaNECkqYH1cR5cA0QDRIJF17snts3VZQ1GVMWcBWmyOTiq4h4_gPZyzxdmvA04993kNpNK_LnRC7Ep9BK22yvDm0eJNymwlDyWtDAWPbxTp8nQRGAebOLU9fXeBTZuB_b2cvQVimwYQlTUUd0yUzjJfDPGvjsuUSpZdj0IcRd_dCcCPlDJraag2DoReTBy7Yi9WILEKmpBeuwVY4jr1LMoncFajM8RdENpBfBURXA838K53EjNqMSmUG3twQbbObF5qvPJ-MZBN8CKDfRK_zakkCBB-4MBpZORxeP0Q8P_B9h9ULp61XE3UfqQMeo-nspmik4V8IjVOQIZLyg2ogY3TxMfg156Ld-JT20Ws0GB_amHHGb94xOYFAogmrulqxzqaEioPKXZ6BuSaYCXde7D15AB3uFyBIcVQUpWih4GdUrJvO1ip6238aBNwQipMwFk6gWLmKnSAA&cid=CAASEuRox9ymb-FflZTu1Tq5pH_jww&rfl=1%2Chttps%253A%252F%252Flivehd7.vip%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:14:14 GMT content-encoding gzip x-content-type-options nosniff age 149 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3140 x-xss-protection 0 server cafe etag 17163059639670574047 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:14:14 GMT
GET H2	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame B209	24 KB 9 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuK8zZnU8BvsKEuWMJhsCDd5H2VslrzSTXCLxPHucMdCDtDsB0SeNsbJDfjc9sLjTchkVElPArB-XwD6UdQMl8lJju3x5kxR6ZMqr_y7vFnYORWUVFLsAHBRwksDlRAJgInXzTawbKYtYK94TexhHOMkVNEQ&dbm_d=AKAmf-DQ2JG8jcUfUVjVkhfYCSHhf1gJUXjVriy7rT7_GhMxOskr4vx5jjR9YyBQETcv9WllcwP9CQfdvScfOAN4cqRmQ1mvyOYSOLkIk-vEB3TSDOShl5vB6homSVv6e9eOQIaAjakaeZszJlx0QNrjmPpZHxCWIAM7UkPcruNW_Fj-pHphr6mKXEqMzh3OAgfHcY4Oyoe0ITFbkVtjxr9cdjaQlBM0Xq637T62YQZILsN1vTWgbLCs19Pgq9jBwnX3-jNJg0n30TyJpmF3vq901TKDkRnwW83kpIwryGe5jjrFosye2UYnAPdVpj8F51DF29cR6_-GKNTOqC9zJKD4-ylE1LvYW9fIyXZ0Kg_2tWWOztpieSiMijkQwM6wWOyuz3bBpooP4vF7iy-sNep1Y5Ie6gK5i3WlC19fTotTvpuz3dy2KtQKVvap6YkLUp0s48P6YU-cJfXaXkhgaKCV-uLQQ1hkSdWPqPF6Fffr3_qjNy-gxQNaF-u_Inxk5LPiHGBg8IBALEa3kIFpV5DLB51QnnW1Bh03D0qQX7QjzqGsDR_T3_9RYyUwSCvVs3qz2RWnUbcE49Q7MD4UNtXBW06MHYDu-Z-m3ynUHvQ4FrHQOKGp3a0vJn2salyXHoGiCCETwTlrpoH0rP5prAIVWjZQ8O6L0atSe3y0BdpgLu4UQbor3qpe1VDwuSEpfyPvAcrwp3IkcBAAJHA0Xcx2MFTudLaH6gIl_WkeUlmH1d3ps_9ITFpt36sTAaFEshtUE406fAxBX2yVnKElUzNXhnJ6w-c1CLUeAR9bECutLsVdMYZoIaeMCrao5ois3SYyZ6Xfpq6JKzKtYtSE9DT0JYT9988tB6HSasC9UVBx512L0cjiJG_pcxzmAd8-PBiwJLd0R4bJMfK89RzfE04WxMq2L5UPuKmtXedYMAskDUbyx4an_w2nma7G75PFUm1otZ0ViY3UHmtZ0Sns27tzOZdHVejeMdcR0HCApO82ULkzpT3MFjS1vGbUJfReMi6vJZAhrtuUF7FdmOD0VUiqX21IU5TY7CI53b3otb9IfyZfCrw2SelJbyt93iWI7Q-uYzycVg-WIMPXAghdMWqK_kFVNgA1_ihqlpv9xkAFv2DzT36fMl5GLcQfLvXuB2q6W3j7kmxB_hci-dBNkZU30hykoSlnmU1ZmfuWlJzTN2Mv47q1kUYN41j6dhFBbRFfrFC3gbVVq7Pze_RICBL1Cbl1ejj4PxCwbR6FTryOgS3ygsEpu_1B7Iw8SRrr60unPLFmUzdOMpL8cwqWx2KXlKZRmEGV3T64F1oMW1yd2sr3nz_yR3t_3n9_CLQtXwaSprt71T5vy9sX_dj2wY7l6qq-bOfE7noDDrgbRWUyAIUt66LNrAakWLaIMHBC-S-Dm5OK2-FFTAql6SxT3SeRrBNGXStLBOyLONpNC4Xs72bWWt5uhWEH3XUjNCxtbVNvzbvTFHPAAeMzkAEWBD3RErZFzk_OqEuUzNv5k7PPOJlmFfnLusdN8yE2lD716bmGg3cxZeXnfU879EscYeD5yOoAQMP0fZGNKOuQYSft5t6itr9a0aLKKj-XIfUzsUa9ZfM9BW_h4l6fKecVjZBr1Zm9YOBpHA7yB9XfdLXyM38SRo4x2F2xCcvLi9FjKxxZZLvxSf5CgMM3Sf-yV7wPSpF46POLRQB0BNnIDenSHh5WNSJp24UYz1h2a0ocLFkHTXFNE8oFrFXzM3RjMT3IEWqPNze3tfCvp9APD1AVKjN4uvUvgcTCxVeKaYs0t-YNylsrP_WtxK0CQn6SNvAsardH5WTvqHm94S92QwE7Bc6eNnWcjm3gzBUdhVkNAzfSSD2ZVg1W2NI4dskkvZhkQFTApXIx_40sN3VwF2W5ZFsJ3yViryy2Rst1qAQp6W-8QoXd5dltUYlrrW3lVJGuhZvKR-OzGnrZSvGwig9K25Ph1LGDqzYlfe3QeqDdzG7h2zlFg1WHccvSd478FrP20Ev8q3l1Mcl4JyglHPV7ryWRhKqL1OCSTXemdRD45GJ-teA2yUJr7sJX8h7-Z6zZL9k4u5gkVaz-FmtT1S9D83kiK75RZTegQi0n9WNmfmLyTyR_9q6x7NTlU7tDcIRcR2Y93JwHcNgVLEGUAl1SszzLwY8Zxl6kz7Q5PyJDADdf2P6ch3A0F1XxUC1XM8xpN8G0YRS-wC_Fyybd1VPNZcUswfigpMxZaLRemTUKTFWAYK1n_5rpK9soCyBUBjGzTnKt5lx12BEh_TM0g8lIqQhbDYOcUsfxw-G3IcGPkafOLLH1H57ySEAMbT1kibFaIgqFOA9QIZzD6vSdgYtT0ySqtrK5aASpLcNj7WWScyeXoZl6iY5PRf_z7NkeSZJw0SgQXfwiG5GMqGW8fCVVuMI__kuIr0avxG-9sDm_QhJtQqL6QQR38UyWdhSf0d9Gb47gm2-gRfSJ24Bg2KO8xYhkdiUS8hbEs14EPgQB6apGioxXBwjwobzpkzAblEoTAQMgj-n6GjBWdgfz9w6r-FDo3tyiIleJxvYb6TpEfBXgftWHbLnt3s8Q7QOLsh8400UbBF4rH13PIHSN2JiQDnf0T02bKW1EZ2OYTN_2iV35V4Drb1rnfqs65OqobiwDUAfgxpB_OQAxje6W7XoF4B7qIP6PVPCrR7ZKePZlwjjD0tPFjdT20kIl76VaT0EaNECkqYH1cR5cA0QDRIJF17snts3VZQ1GVMWcBWmyOTiq4h4_gPZyzxdmvA04993kNpNK_LnRC7Ep9BK22yvDm0eJNymwlDyWtDAWPbxTp8nQRGAebOLU9fXeBTZuB_b2cvQVimwYQlTUUd0yUzjJfDPGvjsuUSpZdj0IcRd_dCcCPlDJraag2DoReTBy7Yi9WILEKmpBeuwVY4jr1LMoncFajM8RdENpBfBURXA838K53EjNqMSmUG3twQbbObF5qvPJ-MZBN8CKDfRK_zakkCBB-4MBpZORxeP0Q8P_B9h9ULp61XE3UfqQMeo-nspmik4V8IjVOQIZLyg2ogY3TxMfg156Ld-JT20Ws0GB_amHHGb94xOYFAogmrulqxzqaEioPKXZ6BuSaYCXde7D15AB3uFyBIcVQUpWih4GdUrJvO1ip6238aBNwQipMwFk6gWLmKnSAA&cid=CAASEuRox9ymb-FflZTu1Tq5pH_jww&rfl=1%2Chttps%253A%252F%252Flivehd7.vip%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:13:37 GMT content-encoding gzip x-content-type-options nosniff age 186 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9506 x-xss-protection 0 server cafe etag 11173536317444432557 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:13:37 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame B209	41 KB 15 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 00:41:17 GMT content-encoding gzip x-content-type-options nosniff age 117326 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 10 Nov 2022 00:41:17 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 85D9	1 KB 788 B	7ms 7ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 10 Nov 2021 18:26:41 GMT expires Thu, 11 Nov 2021 18:26:41 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 53402 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame B209	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 42f475226e267cf911fcbdd6bb30435217267b5985d4a37a4b96f4283306d5fb Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
POST H/1.1	204 No Content	multitracking Show response ghb.adtelligent.com/adunit/	0 202 B	167ms 167ms	XHR text/plain	209.58.175.20 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://ghb.adtelligent.com/adunit/multitracking Requested by Host: player.adtelligent.com URL: https://player.adtelligent.com/prebidlink/454617/wrapper_hb_323303_12149.es6.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software VertaMedia 1.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://livehd7.vip Date Thu, 11 Nov 2021 09:16:43 GMT Access-Control-Allow-Credentials true Server VertaMedia 1.0 Connection Keep-Alive
GET H2	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 93F1	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Wed, 10 Nov 2021 00:41:17 GMT expires Thu, 10 Nov 2022 00:41:17 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 117326 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 85D9 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cve... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aW5oWGZpTzIxTUw2Y2o1&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPIGQYcAQuknRZHnDb6hkTS-KG54g5NYrN0T9k9AZJy...	170 B 188 B	18ms 17ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aW5oWGZpTzIxTUw2Y2o1&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPIGQYcAQuknRZHnDb6hkTS-KG54g5NYrN0T9k9AZJynQKJHRHPzhkkr_-et7PxjrCjpqWCPaMnb8Aqq3AbwQswDjO-nudnS Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 11 Nov 2021 09:16:43 GMT Server PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=2592000; includeSubDomains P3P policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI" Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aW5oWGZpTzIxTUw2Y2o1&google_gid=CAESEMJo96Xl8wnKPHnxrpBl2o4&google_cver=1&google_push=AYg5qPIGQYcAQuknRZHnDb6hkTS-KG54g5NYrN0T9k9AZJynQKJHRHPzhkkr_-et7PxjrCjpqWCPaMnb8Aqq3AbwQswDjO-nudnS Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 85D9 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOVTFIXdcr47PrKWTU2snLU&google_cver=1&google_push=AYg5qPJnUI4H9qDQjhw_x9TmCtajqs9Qi1FOMmcn_fM6uBnearwSUPcAnxulwLJ8OqWFXh-KLiDQ0iS1wzJV3M4L... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJnUI4H9qDQjhw_x9TmCtajqs9Qi1FOMmcn_fM6uBnearwSUPcAnxulwLJ8OqWFXh-KLiDQ0iS1wzJV3M4LNCpMzd-eEKg	170 B 188 B	23ms 23ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJnUI4H9qDQjhw_x9TmCtajqs9Qi1FOMmcn_fM6uBnearwSUPcAnxulwLJ8OqWFXh-KLiDQ0iS1wzJV3M4LNCpMzd-eEKg Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 11 Nov 2021 09:16:43 GMT Server MT3 4067 88cc6bf master cdg-pixel-x2 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJnUI4H9qDQjhw_x9TmCtajqs9Qi1FOMmcn_fM6uBnearwSUPcAnxulwLJ8OqWFXh-KLiDQ0iS1wzJV3M4LNCpMzd-eEKg Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Thu, 11 Nov 2021 09:16:42 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 85D9 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAlTPomIkG16yG_C__PVXFM&google_cver=1&google_push=AYg5qPI5WJ7-Jx0dQ588tXfKnrXAQ2Z-0RfNmdZEG-tTplnJAIHsxlSvxIHdI7oz8FL6tCbDojhFE7OrfW74iI... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyOTIzODgzNzgwNTExOTY0Mw%3D%3D&google_push=AYg5qPI5WJ7-Jx0dQ588tXfKnrXAQ2Z-0RfNmdZEG-tTplnJAIHsxlSvxIHdI7oz8FL6tCbDojhFE7OrfW74iIrZwc...	170 B 188 B	24ms 24ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyOTIzODgzNzgwNTExOTY0Mw%3D%3D&google_push=AYg5qPI5WJ7-Jx0dQ588tXfKnrXAQ2Z-0RfNmdZEG-tTplnJAIHsxlSvxIHdI7oz8FL6tCbDojhFE7OrfW74iIrZwcEKQT0ZfXoUng Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyOTIzODgzNzgwNTExOTY0Mw%3D%3D&google_push=AYg5qPI5WJ7-Jx0dQ588tXfKnrXAQ2Z-0RfNmdZEG-tTplnJAIHsxlSvxIHdI7oz8FL6tCbDojhFE7OrfW74iIrZwcEKQT0ZfXoUng Date Thu, 11 Nov 2021 09:16:43 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 85D9	0 12 B	22ms 22ms	Image text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LILGz7izwCpUCZ0UpejX3zsJx24jTJujBF-88vfNvP0w Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:43 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame 93F1	35 KB 13 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 12:16:50 GMT content-encoding br x-content-type-options nosniff age 75593 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 10 Nov 2022 12:16:50 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 93F1	0 56 B	46ms 44ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRvENe9-MYYnoHcjKgAfnwJXwCwAAAAA4AeAEAg&bg=!qKulq-_NAAYDGbPvAxk7ACkAdvg8WtzcoNQhVIG92a1z9pJTYhKlm51FzY4epfmai53OYQBYkf4RoQIAAABiUgAAAAxoAQcKACwHR--4p07eJka6lMxEVUc1yPzqIkQYmBCLzRnHP7D2tq81DmMZPbKBHQtlrJkDAKcvtgiwHTX7fZL-JgRfiQpvHg-XDXL7ism0lDwULm6EMSguSUz4lVSjQ6EbNrSpj6-ZnhgtB_TU1zbcMPvZzi9hQFJam5bRituJOQwcH8h8wG22RxfDLjDUFDm1ooEsGka6J-SxszG58spLkuqWo3oUCFaaGr8_ILSTBt8WbKM6icRzoX6b2wpRO7fzXcXjn1fWl_hNsgveA7gWSQ7V3k6C6k27KzkjAmBf5wsfkZXC7IaNhImFW_8-kTUv6mKpRE3TbacNb9oz17iPMHIHU6dPhIv7IiwNJkoXdvOIy0iRdlc3241LdDHiKiEii6xR1BYeBYOYQgzv9WXmN1yJJbFbM2EanyRdtFasRzWn4ZxqIs6fzpj9DATPoIZwZ5JwYIiI01pomNOm0iRUN_76sRx6NYKz6pvayc7QfzmmUssDFegPHop67ah2hQ6RFr1PP91OpQy-aU7vCtxuOeTA5wJ5gFrjuNlC5hrMSgKDpFgFWRyUDKti92DHSBsub3LkbufB-KpaK8Lf2Figc-8_iSz4NAm2ddtcIvj_2BX5H90-B5Yc4pkHqVqMo3D7JDKaVIaUutltpHoZV9bb5poFO8EYE4oOldUjdsvwcpYS3xYHMZMe90v-5Hs9RREdm5phkoNRTWvKTma6sK4B9ifOqsJUZsee0Ph7lCNbh_iZRPHJmLC7kDgoB5He4jm_VYwdTxYhyEak0uDleh2hd8xvPRNbACdGGkfb4lXrFVItpRuWeTbQHsbrBTVrYG9ULdH0LRwjZ77-1XyXIza-S9q2EV3yXjAdZpWx59ehETUkl-OOkJ-X0f1GfD0euozdfve-QueiUkrzwAmrYzi8ZMBUoaKcqwdwMJbt4zJ5epqp1YZze-Lw_7GbUggh2d6YI4J3pF5zzALz7cyBYsdJT_gakT4k-lIRcLCxC6Ue1diVs5d9-A8zJw4m9ayMyCYuQaW7iY99xXlhMDVK7qVDosq1iLnQkDEdUd5gu6hTWYXsQElRC54QRPY25rODojKqEz93Ag Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:43 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	17ms 16ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=livehd7.vip Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:43 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	17ms 17ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=livehd7.vip Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:43 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	18 KB 9 KB	282ms 281ms	XHR text/plain	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2060382054072818&correlator=303416540655786&output=ldjh&impl=fifs&eid=31063136%2C31063213%2C31063705%2C44754276&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=21633152309%2Capldynamicforall%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=refresh%3Dtrue%26test%3Devent%26excl_cat%3DPREPOST&eri=1&cookie=ID%3Da97417d6f5e5de4c%3AT%3D1636622201%3AS%3DALNI_MbD6HxHrva5rY_MKezi3H2URadocA&bc=31&abxe=1&lmt=1636620996&dt=1636622203437&dlt=1636622201171&idt=360&frm=20&biw=1600&bih=1200&oid=2&adxs=-300&adys=601&adks=2873352456&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flivehd7.vip%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=430927257.1636622202&ga_sid=1636622202&ga_hid=782446249&ga_fc=true&fws=516&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 56204d767882116c07071f84378bda3beb6a1d7cf614fa127805ab41f11cabaf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:44 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9552 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://livehd7.vip cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/ Frame 3A8B	4 KB 1 KB	16ms 15ms	Document text/html	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/index.html?e=69&leftOffset=0&topOffset=0&c=j5UJeaiULP&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f148daed7af927b5236037ec768efcc12b26cca6261c1748d48f0a886633e79b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * content-length 991 date Thu, 11 Nov 2021 09:16:43 GMT expires Fri, 12 Nov 2021 09:16:43 GMT cache-control public, max-age=86400 last-modified Wed, 27 Oct 2021 13:50:29 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame B209	0 571 B	93ms 53ms	Ping image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssV7ZoR0NBchy2z7bL5Ad6uVzLCjMQLSKsKslS00dI4tzWktJbvio63pv2-eF3zB1TtRSbh70-rIRnROomPaNMFPiccalmL8DZUO8wLYrMUQB6g7L495lE_iLAy70CARCwjRWAUhznxpI5xys_pIVAOse7uz4_qMQGmWRxsGGPJCRsckWS_qrtyuBMz71XqUnt10ZLxLS1FPLm80qlwkwcHX-hhBQwgfhzh8Rlc7MGXH9LODbrnwq71gLSHJU3CDVixJpGz9Pf_ass2epAlkm0qOu10hcrWz_CcV2bxZLrtlMchsppIZLv-M2q-dxk8mWipq4qdvhSbbVUjwPXRHbPEtMuFeOn43VSHfT-By0oOQO9Q5PKwzKQBI6DcCH8BBu1URyuYDnxLcTNPHlLOZ4Sw7xl4sY2wI6Qlnrvb-2XvDWb41G43n7PSV4-w6MxGmuWJhcNypmkNrQ2N3vx_XYOkG-uzrnBmijfSWwjhnF7FdYWWTUDTIMQ_ihBPW6-L04K3OY-uomMaDkXQKd34sKdwUM_Ns9nAUdwE3MkzUBa3ov1_IQmeOwqwpoB8QmCBTqwL8gsf5bzRDoPt4xYzsfprQ3Ls6ioVQjfsdkuGGlPPCsopqCIBe-uxb31ToVY1R2gKEh33GHKK5x8ZCQRB63UQp7OWl9KQLxRrIlQjnDV4l7wfFZjLIT8O-HJkETjnaaT53g5L1GQ1PMZ-y6lZpvpzmEciBu2vSfQNbelALPNcHUWSc6Y9ECh1QG_ajCjWOn3EinEMM80eumyg6Nd0KPCZHrJQtdAOIrnLnexLqiQsOb3icp8JmIZYxdl6EPWTCn6MTSX2COu9oZIGs0a5ExcYQ_49KNLJgUcDlXnmNlksZscMo11nwYeYRQSqgVvp2frBl5hWj_sxjBWalnwv0s2-A6gAXgGRwxrmK5Kx5Q4Srg6PSOUkgLZy0DJcyH1JavR24WrfcGCAUBAZBUbSHZjvVXj9q-wyyQIBpStEkXg6_mbfQerruXZMIxxJyVLAfQpZb2xyjD71AdFRDcLLHq1tzvXG6-3LFbq_W1AwJRFEaRzSxd4smL4OUIIVDNmpRJvUcxLYoC4K8bgFOC7sR0KY1uW-NTNXKxPJVwxmplqgWKum8hteERsRBuPG89sFNrheBVlaW22_v3evtfMqNUS5SuqNUeRpdVLrjLXWxjT1CHQoycynEMRBbfDl4HPYCJZZvAQjXkVh5RcPCV_yx1XqWubmFaCOd0X93g&sai=AMfl-YRyJoY_bA6wWgo5LNw9yRTQ2B7E_vfoeo41V-5kDGq0YBLmdVJF4KC02vXNBzrlX4p5ADExQDbgc7_2p6n5hMJDIc0zP3nWRWKFDXiXv3FFuSCu63HXDaOu0jC8AuVFPZqLOlHneAmfYC_oV5nuAEuRiqSCYw&sig=Cg0ArKJSzGqyC8nP8H4NEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=379&cbvp=1&cstd=372&cisv=r20211108.63721&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Thu, 11 Nov 2021 09:16:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	hp_styles.css s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/ Frame 3A8B	3 KB 929 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/index.html?e=69&leftOffset=0&topOffset=0&c=j5UJeaiULP&t=1&renderingType=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a031af36b45c2786203313f1243e9cedd55b3e7689be271e18e5ca941284e61 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/index.html?e=69&leftOffset=0&topOffset=0&c=j5UJeaiULP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:03:29 GMT content-encoding gzip x-content-type-options nosniff age 36794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 828 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:29 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:03:29 GMT
GET H2	200	tweenmax_2.1.2_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 3A8B	113 KB 39 KB	18ms 17ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/index.html?e=69&leftOffset=0&topOffset=0&c=j5UJeaiULP&t=1&renderingType=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/index.html?e=69&leftOffset=0&topOffset=0&c=j5UJeaiULP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:43 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39910 x-xss-protection 0 last-modified Mon, 11 Mar 2019 14:29:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 09:16:43 GMT
GET H2	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame 3A8B	118 KB 40 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/index.html?e=69&leftOffset=0&topOffset=0&c=j5UJeaiULP&t=1&renderingType=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/index.html?e=69&leftOffset=0&topOffset=0&c=j5UJeaiULP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 15:17:46 GMT content-encoding gzip x-content-type-options nosniff age 64737 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 15:17:46 GMT
GET H2	200	hp_main.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/ Frame 3A8B	5 KB 1016 B	16ms 16ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/index.html?e=69&leftOffset=0&topOffset=0&c=j5UJeaiULP&t=1&renderingType=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f877bd6b334855b1ee1611a8365c1420ef8dfe88bff4b1ab71f633fc87d760a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/index.html?e=69&leftOffset=0&topOffset=0&c=j5UJeaiULP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:03:29 GMT content-encoding gzip x-content-type-options nosniff age 36794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 950 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:29 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:03:29 GMT
GET H2	200	rtl-logo.png s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/ Frame 3A8B	5 KB 5 KB	9ms 9ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/rtl-logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 440368bf494a3545eda46d4b9a6d1ad45be7b1e43e83358407c25e39bc0fa3c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:03:29 GMT x-content-type-options nosniff age 36794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4858 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:29 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:03:29 GMT
GET H2	200	bgImg1.jpg s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/ Frame 3A8B	20 KB 20 KB	11ms 10ms	Image image/jpeg	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/bgImg1.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f77ffc22f8604ab69c37ae509c82409027d98328287628ca70f20b216b7719d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:03:29 GMT x-content-type-options nosniff age 36794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20732 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:29 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:03:29 GMT
GET H2	200	txt_sprite01.png s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/ Frame 3A8B	3 KB 3 KB	10ms 9ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/txt_sprite01.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 441d2f70848b672c415dabdb42af2aa260a5e5ccffda1efe864115dc68d0dba3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:03:29 GMT x-content-type-options nosniff age 36794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3141 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:29 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:03:29 GMT
GET H2	200	txt_sprite02.png s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/ Frame 3A8B	4 KB 4 KB	10ms 10ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/txt_sprite02.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 472e9b47abe2c617d1243cba7940fb41ffa20facffdd9bf294fba77e2739bce9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:03:29 GMT x-content-type-options nosniff age 36794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4475 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:29 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:03:29 GMT
GET H2	200	cta_01.png s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/ Frame 3A8B	2 KB 2 KB	12ms 11ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/cta_01.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc224aa0a538570958d14afb8e67e22c604e39555d97fa69f22a824657b59135 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:03:29 GMT x-content-type-options nosniff age 36794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2323 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:29 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:03:29 GMT
GET H2	200	cta_02.png s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/ Frame 3A8B	2 KB 2 KB	12ms 12ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/cta_02.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18a44a1e1636dbf604f42ed54b080f9367e18338fb9ffeaf165b49c1a099b0d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:03:29 GMT x-content-type-options nosniff age 36794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2329 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:29 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:03:29 GMT
GET H2	200	logo_ende.png s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/ Frame 3A8B	985 B 1 KB	11ms 10ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/logo_ende.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0e2b6a86fe57356f993b6dcd619316082972e06828eda2bb0db62672a0b2f7f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61936385/20211027065029898/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:03:29 GMT x-content-type-options nosniff age 36794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 985 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:29 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:03:29 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame B209	0 60 B	45ms 44ms	Ping image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssV7ZoR0NBchy2z7bL5Ad6uVzLCjMQLSKsKslS00dI4tzWktJbvio63pv2-eF3zB1TtRSbh70-rIRnROomPaNMFPiccalmL8DZUO8wLYrMUQB6g7L495lE_iLAy70CARCwjRWAUhznxpI5xys_pIVAOse7uz4_qMQGmWRxsGGPJCRsckWS_qrtyuBMz71XqUnt10ZLxLS1FPLm80qlwkwcHX-hhBQwgfhzh8Rlc7MGXH9LODbrnwq71gLSHJU3CDVixJpGz9Pf_ass2epAlkm0qOu10hcrWz_CcV2bxZLrtlMchsppIZLv-M2q-dxk8mWipq4qdvhSbbVUjwPXRHbPEtMuFeOn43VSHfT-By0oOQO9Q5PKwzKQBI6DcCH8BBu1URyuYDnxLcTNPHlLOZ4Sw7xl4sY2wI6Qlnrvb-2XvDWb41G43n7PSV4-w6MxGmuWJhcNypmkNrQ2N3vx_XYOkG-uzrnBmijfSWwjhnF7FdYWWTUDTIMQ_ihBPW6-L04K3OY-uomMaDkXQKd34sKdwUM_Ns9nAUdwE3MkzUBa3ov1_IQmeOwqwpoB8QmCBTqwL8gsf5bzRDoPt4xYzsfprQ3Ls6ioVQjfsdkuGGlPPCsopqCIBe-uxb31ToVY1R2gKEh33GHKK5x8ZCQRB63UQp7OWl9KQLxRrIlQjnDV4l7wfFZjLIT8O-HJkETjnaaT53g5L1GQ1PMZ-y6lZpvpzmEciBu2vSfQNbelALPNcHUWSc6Y9ECh1QG_ajCjWOn3EinEMM80eumyg6Nd0KPCZHrJQtdAOIrnLnexLqiQsOb3icp8JmIZYxdl6EPWTCn6MTSX2COu9oZIGs0a5ExcYQ_49KNLJgUcDlXnmNlksZscMo11nwYeYRQSqgVvp2frBl5hWj_sxjBWalnwv0s2-A6gAXgGRwxrmK5Kx5Q4Srg6PSOUkgLZy0DJcyH1JavR24WrfcGCAUBAZBUbSHZjvVXj9q-wyyQIBpStEkXg6_mbfQerruXZMIxxJyVLAfQpZb2xyjD71AdFRDcLLHq1tzvXG6-3LFbq_W1AwJRFEaRzSxd4smL4OUIIVDNmpRJvUcxLYoC4K8bgFOC7sR0KY1uW-NTNXKxPJVwxmplqgWKum8hteERsRBuPG89sFNrheBVlaW22_v3evtfMqNUS5SuqNUeRpdVLrjLXWxjT1CHQoycynEMRBbfDl4HPYCJZZvAQjXkVh5RcPCV_yx1XqWubmFaCOd0X93g&sai=AMfl-YRyJoY_bA6wWgo5LNw9yRTQ2B7E_vfoeo41V-5kDGq0YBLmdVJF4KC02vXNBzrlX4p5ADExQDbgc7_2p6n5hMJDIc0zP3nWRWKFDXiXv3FFuSCu63HXDaOu0jC8AuVFPZqLOlHneAmfYC_oV5nuAEuRiqSCYw&sig=Cg0ArKJSzGqyC8nP8H4NEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=465&vt=11&dtpt=86&dett=3&cstd=372&cisv=r20211108.63721&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:44 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 3A8B	7 KB 5 KB	26ms 26ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 280913e7aeeec857748e3d2894a59671eece0b1f8ed43248d7ec5cacab3d9e9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:44 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5266 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 3A8B	17 KB 6 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:44 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 11 Nov 2021 09:16:44 GMT
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame 60BA	35 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 12:16:50 GMT content-encoding br x-content-type-options nosniff age 75594 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 10 Nov 2022 12:16:50 GMT
GET H2	200	container.html Show response 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 715B	6 KB 3 KB	7ms 7ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:16:42 GMT expires Fri, 11 Nov 2022 09:16:42 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 6D49	640 B 363 B	27ms 26ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj227-6ATAB&v=APEucNXTFzeBXF94H9ryU-bjti548w-YlPlg-cZtg7FXzFAm1eS976gfHGnfzuCLMpXfIe54FNjaGX32xJRo66ukEAcyNBToPcYRHCuaQYhLbLz_0y5ka_2zhoFSPqRrnNdhU1WIfJ4xN8vzaq609dcqbwMjhygetfnofH3dKNqP790okImf9ik Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 11 Nov 2021 09:16:44 GMT server cafe cache-control private content-length 295 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 832F	72 KB 30 KB	50ms 50ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWjl5y2nlO0xkA5lsXma9r5PGOHy4NW_qUsrzQ4ZHo6mKoSwYU6ZDWDxt9LdaL_5nrXLnWzosS0Nbm_SYLC-DE_Q12r4qn09ROH5HGVuaLuVFwzROcY7vY27a6ROf0xU8_XURkJvreRcJhTzgDMy9Ep1mG0A&dbm_d=AKAmf-APnQ9PghDId8g7HhVCR1iz1msvV_qXdhEYVC--ybTaa0AjB1iejMOmQXpzEg_Wa1HanxS0SKYe7KLsJBNPPKJXoYQuvDu0R7fJyPsax5n4Jk-N_UUTBVhDn3nZbO1ZabyBl_wzX1JdUMl3FPBA-jZjNZQKy8UkvxBuwcFKbfL8M3FPv5tOcuYIxXZMrY39EjQuvN7uRU5BQ5EBwZpku050SU7QcB0oWL4MEOTKs7qf6zUIhuJ5GKsE8s8jpe_AtpdeERnXxHN6nygpLoN8qmBxm78unAcrtCymZF1YVAtBgDkCo2wNcnJKY9RnpTe29yBb1Rl5xRp5ff6ys-8Xm2N6m8FXkH8kefRoO-0dZaAFA7i8wdL0Mv1Gmlt9xq8CNa5lIKraKysUt6Xszq1LN3ytaWJzTz_gpxK5n-B05Yel9dRjFLq0Or_QTb3Zj5UbN7PgonOCzNUmynko3yde4kWg9M0wDUXwjkS_bCD89GY8CGJt52Th36eU1AC4hMqYB9kBlWpOekGuutKjmf0mcAf7Fz1T1NEGbn8dpZN_NEca1ACDdM4C5XXS3peItc4EL9unBoqoK8ZtU-HfTEWDqT_-Ki9zTS2MaUFyMvXesArZYryDelQEV7Dfj2f2PG_e6BikNGsnPiMcgR2eyNfhBKFWg4jfKWdpyIrdUGOKC9Clsy4H84p9AEoxWd4wnes0b9llU5mj2ephISA02KyOZf5UIpVyd1FiRdJcs-XT3GLomSPq8wgJjz35qOZmMnFWpvT9PgBsk2l5Lrugd8z-l60sINkXxybSNRImTMKOX8Dh5SdCMO3Cl_jX53NoG0tbWRvLxd5fMUzu10Wui2oD5UflApPSF0EESKQoLckTveB4Mo8TStAK-Tc9gZKT75if5RXYw8V2X2E_uVnIwndYi1ZDxJ1JCyqzSunTai-qK4s3jZP1g375SArG3QxFm3T7fpNY0dsX4l_aJOw84_gbfiIn0tmhjnLxeDyRolyTbutgD5zjiUbFsYD1R1yQWeXvy9C1PPqxTvvvN0neabe84KYN4SMARsPYHhfpGMx1Nz9zGn-8KmZ4a7LWbqaDx1BMvz3cQdLRg4DxOwEh20gJ9S60xddfAWwRqqGSqdeB-r7XBdax0tlHGHCL58Z9kur0XcvoKj35iEx-dNIFgZ6epUalZVUe8ZkUwsAcohnhQjk0J-0DahD2PlRoJer30OsxDK7Bg3gIAkXM5cds2H2TCkXiv53HM8OlMT70R54dcOLw8MwNC738mIq9D3qcVNNxwB6vkLfllgbp3z0sKLmmPUJugJV6QX9ba4VzdZcNV8OwcGnS5p-zqM9QJSV5a62efX4lMy4ugzFAe9zCxszPG9ZjcLcdw1WY5Xo_YG7GzsqlTw5K1_BsIvoo-_RmMhheoGO-0dOibmN3Ev77YRQSKep5jTi0wrT-7G8KbakHyo91jSVuyMXKQXDeJaMmotMaMW65cz53DZa7LVEYPPtROQ5jRQBsQbL8oe3cDlWCcZyk2h_Y8lud80EovGZShjecYE0ViQwR4FmOC-qmjWHR6no-vQZv5cPM909dlnWVgnr2qCnJyE2_c6nkHPWCgIVrkYolyE4FlNIrGAc5U2EiEclyi6-opZ_Y9hxRo6cfe5aPJs2zBxcMtHtAnq01LV3awrLS_KnJos3JHw1JO-Zjei_Y2wAAJzlstgM15i0hhJWvnSFPPwQoa6uJtt070dLMAvHgFrILBmtRIxLYs2Aw27gp3FKL8UfGwb0TxZRGorY-BCd7njkHOx8h86Fr3oPgWpYvpZjMuKJWJsfNpYAaAPds4QTAhkYsoXq13_wdOCiy_m8agHUVTyaZqKi6rKLzIldV_DAZltBjmVczxeONVcbUwV2Zx6x2K981bpJuYlW5_dhrKIkMJEDcNUq5hlavYeUQW73BSuRn5vI8F0jTAyGsy9BP8a1NxUQCg5VSE452M_kjY5Ob047sjTVWuPa-fi84Emgt5QLOnKTHngcVy-qeYvaX-o3aL2mbW8Zi5Hmh15Vgf24kbmkcMy1lkT7VR4DsaAlF0IIKIufJm957wjVwo-JOgUlCPsjTVN0YtVj5yMlgvdOd3VvmNEA3vzQ2X0rYBQoSRvq43CuKSZyxR7ERwp0NhlSpM2KQPI35pEJf2Y6vMfYQtbqgk7VLLRnhUg2ah5Nca6_5NVtVM6uWLrS5W9tmMWX6M4JWDAv-cwa6fC9Qx3U_AMBSDgOhIMtUr1EJPjeaPfxzuc0Di9rIo4hx-f6N0NfjEbeWCgRTZuNQnXi_O49rlvwKyS0P8yhpEiG8tQJWtYfwMo03ACy9vVj70EXJa90w-lgD2BvatZJ6JMd5LK65taZbKsVUynwvESwd9WlvK8ZzT4a1zM8UWERh0NmKPS7652FuRuEYxeHe9gD7cAdfpfg2qcZdxnhvqPISFVBL8oQSxGR4RjZGkf9c5VZBdL2tkdaUyjisUa7yfumz7mou0LTo1ugw32O6gprmITd1f2qogRr1NAfaSQkMmT-BDoyNk8bnuYJ6BgpzS5qPSs5f1ndGlZyuuMnkFuTsliWP88TNug1F6RiOj5jYZFwVru_HSpvfUN40Ys_IMvNjNJPe0fdl53mKUE0kCImONhzGPrVVrEx4uCmqd48J9FbX1KRnRdl71cBZawmeho3WtC8vEEP8ku_rJUhNxrbxVgME9L6gF5x8BQiVlRZkct3_1RzNwralqnWQDPDWrf2k90lrIyx6OM7YuvMgqhwOU2ZbSA24y_yna1K-Ndja53trrV-q3k0Lj7yQ8qGNnoVHGp6nSNhHzOaLS-aKbn-nwqjrCPwJL1rV-HlPly8u7xYNyl4q4sOnzTWKacFA772Kh3GuAqNYUyolySTeEBCALeF8tWskjS4-VO231vlTZaIwgiyncEM-hjVo_q_v-97NojSsP7NyyfSFbxruBd_g_bML68rbFyMVHCTRNHMiBP7Pby-Td8X9kJx1hjBpARhlgqubOMDlj-rUCqPyiNAAVq9sGSFOUAQ3bD7bh2Ex06ereJx7cy4JlbpoTrp452STyQF2DUETVtp7T0_cz45Agodg8bAbWXVcQDfA6qidwQ9jBCBWjP4pWRKBzQpN71FAGD1SS54VfqJjG54F_TL1CyOvqFj-BOvX3Vsd_zS-xP4txA&cid=CAASEuRo-WauCMsnl21oZRrY-3FOfA&rfl=2%2Chttps%253A%252F%252Flivehd7.vip%252F%240 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b25b9093661528e386735cb8c6c9dd8e4cc8145147bb291ea653c12a099327ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31089 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 832F	2 KB 1 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:15:11 GMT content-encoding gzip x-content-type-options nosniff age 93 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1337 x-xss-protection 0 server cafe etag 17605089983984592854 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:15:11 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 832F	119 KB 36 KB	33ms 32ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:44 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 11 Nov 2021 09:16:44 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 832F	15 KB 6 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:13:38 GMT content-encoding gzip x-content-type-options nosniff age 186 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6461 x-xss-protection 0 server cafe etag 1157727964977547826 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:13:38 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 832F	0 0	19ms 19ms	Image text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaStjlv3cpmQzu2XY68OykgdBpw6tne526m0P9mWc-zzFXUtjPMpPrHGtdh_YKh3WUwqXIR6JvObAC40hlAwYew4SN7Ogg Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 832F	42 B 107 B	46ms 46ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWyr3Y0kSrTI9ylo74IjU9_WUW7vJuFp5h2CgSVEszuD4C-RVmivpUiZ2phPAMC2f1KivjaAlQ-Q0Niyt3JWw6vfG-dwjbv-LW8d4hydXBMjtlPt4 Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 6D49 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO4laFtxEDsAtXotUJ-ZCb4&google_cver=1 https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO4laFtxEDsAtXotUJ-ZCb4&google_cver=1	43 B 180 B	22ms 22ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO4laFtxEDsAtXotUJ-ZCb4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj227-6ATAB&v=APEucNXTFzeBXF94H9ryU-bjti548w-YlPlg-cZtg7FXzFAm1eS976gfHGnfzuCLMpXfIe54FNjaGX32xJRo66ukEAcyNBToPcYRHCuaQYhLbLz_0y5ka_2zhoFSPqRrnNdhU1WIfJ4xN8vzaq609dcqbwMjhygetfnofH3dKNqP790okImf9ik Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.218.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT via 1.1 google server OXGW/16.218.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO4laFtxEDsAtXotUJ-ZCb4&google_cver=1 date Thu, 11 Nov 2021 09:16:44 GMT via 1.1 google server OXGW/16.218.0 alt-svc clear content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6D49 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGE5YTY2N2EtMWUwZS0yNWI2LWQ2YWQtY2Q2YzA0NjE0MGQw	170 B 188 B	24ms 24ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGE5YTY2N2EtMWUwZS0yNWI2LWQ2YWQtY2Q2YzA0NjE0MGQw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj227-6ATAB&v=APEucNXTFzeBXF94H9ryU-bjti548w-YlPlg-cZtg7FXzFAm1eS976gfHGnfzuCLMpXfIe54FNjaGX32xJRo66ukEAcyNBToPcYRHCuaQYhLbLz_0y5ka_2zhoFSPqRrnNdhU1WIfJ4xN8vzaq609dcqbwMjhygetfnofH3dKNqP790okImf9ik Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:45 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 11 Nov 2021 09:16:45 GMT content-encoding gzip server OXGW/16.218.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGE5YTY2N2EtMWUwZS0yNWI2LWQ2YWQtY2Q2YzA0NjE0MGQw content-type image/gif alt-svc clear content-length 0 via 1.1 google
GET H2	200	um sync.teads.tv/ Frame 6D49 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm https://sync.teads.tv/um?eid=3&uid=CAESELZJSxuVu6Y4Il5XFIbvm4c&google_cver=1	23 B 172 B	97ms 43ms	Image image/gif	104.111.242.245 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=CAESELZJSxuVu6Y4Il5XFIbvm4c&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj227-6ATAB&v=APEucNXTFzeBXF94H9ryU-bjti548w-YlPlg-cZtg7FXzFAm1eS976gfHGnfzuCLMpXfIe54FNjaGX32xJRo66ukEAcyNBToPcYRHCuaQYhLbLz_0y5ka_2zhoFSPqRrnNdhU1WIfJ4xN8vzaq609dcqbwMjhygetfnofH3dKNqP790okImf9ik Protocol H2 Server 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-242-245.deploy.static.akamaitechnologies.com Software akka-http/10.2.6 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT cache-control max-age=0, no-cache, no-store expires Thu, 11 Nov 2021 09:16:44 GMT server akka-http/10.2.6 content-length 23 content-type image/gif Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://sync.teads.tv/um?eid=3&uid=CAESELZJSxuVu6Y4Il5XFIbvm4c&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 281 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	um sync.teads.tv/ Frame 6D49	23 B 172 B	126ms 44ms	Image image/gif	104.111.242.245 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj227-6ATAB&v=APEucNXTFzeBXF94H9ryU-bjti548w-YlPlg-cZtg7FXzFAm1eS976gfHGnfzuCLMpXfIe54FNjaGX32xJRo66ukEAcyNBToPcYRHCuaQYhLbLz_0y5ka_2zhoFSPqRrnNdhU1WIfJ4xN8vzaq609dcqbwMjhygetfnofH3dKNqP790okImf9ik Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-242-245.deploy.static.akamaitechnologies.com Software akka-http/10.2.6 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT cache-control max-age=0, no-cache, no-store expires Thu, 11 Nov 2021 09:16:44 GMT server akka-http/10.2.6 content-length 23 content-type image/gif
GET H2	200	html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 832F	169 KB 59 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Origin https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 00:41:16 GMT content-encoding gzip x-content-type-options nosniff age 30928 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60173 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:51 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 12 Nov 2021 00:41:16 GMT
GET H2	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 832F	8 KB 3 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWjl5y2nlO0xkA5lsXma9r5PGOHy4NW_qUsrzQ4ZHo6mKoSwYU6ZDWDxt9LdaL_5nrXLnWzosS0Nbm_SYLC-DE_Q12r4qn09ROH5HGVuaLuVFwzROcY7vY27a6ROf0xU8_XURkJvreRcJhTzgDMy9Ep1mG0A&dbm_d=AKAmf-APnQ9PghDId8g7HhVCR1iz1msvV_qXdhEYVC--ybTaa0AjB1iejMOmQXpzEg_Wa1HanxS0SKYe7KLsJBNPPKJXoYQuvDu0R7fJyPsax5n4Jk-N_UUTBVhDn3nZbO1ZabyBl_wzX1JdUMl3FPBA-jZjNZQKy8UkvxBuwcFKbfL8M3FPv5tOcuYIxXZMrY39EjQuvN7uRU5BQ5EBwZpku050SU7QcB0oWL4MEOTKs7qf6zUIhuJ5GKsE8s8jpe_AtpdeERnXxHN6nygpLoN8qmBxm78unAcrtCymZF1YVAtBgDkCo2wNcnJKY9RnpTe29yBb1Rl5xRp5ff6ys-8Xm2N6m8FXkH8kefRoO-0dZaAFA7i8wdL0Mv1Gmlt9xq8CNa5lIKraKysUt6Xszq1LN3ytaWJzTz_gpxK5n-B05Yel9dRjFLq0Or_QTb3Zj5UbN7PgonOCzNUmynko3yde4kWg9M0wDUXwjkS_bCD89GY8CGJt52Th36eU1AC4hMqYB9kBlWpOekGuutKjmf0mcAf7Fz1T1NEGbn8dpZN_NEca1ACDdM4C5XXS3peItc4EL9unBoqoK8ZtU-HfTEWDqT_-Ki9zTS2MaUFyMvXesArZYryDelQEV7Dfj2f2PG_e6BikNGsnPiMcgR2eyNfhBKFWg4jfKWdpyIrdUGOKC9Clsy4H84p9AEoxWd4wnes0b9llU5mj2ephISA02KyOZf5UIpVyd1FiRdJcs-XT3GLomSPq8wgJjz35qOZmMnFWpvT9PgBsk2l5Lrugd8z-l60sINkXxybSNRImTMKOX8Dh5SdCMO3Cl_jX53NoG0tbWRvLxd5fMUzu10Wui2oD5UflApPSF0EESKQoLckTveB4Mo8TStAK-Tc9gZKT75if5RXYw8V2X2E_uVnIwndYi1ZDxJ1JCyqzSunTai-qK4s3jZP1g375SArG3QxFm3T7fpNY0dsX4l_aJOw84_gbfiIn0tmhjnLxeDyRolyTbutgD5zjiUbFsYD1R1yQWeXvy9C1PPqxTvvvN0neabe84KYN4SMARsPYHhfpGMx1Nz9zGn-8KmZ4a7LWbqaDx1BMvz3cQdLRg4DxOwEh20gJ9S60xddfAWwRqqGSqdeB-r7XBdax0tlHGHCL58Z9kur0XcvoKj35iEx-dNIFgZ6epUalZVUe8ZkUwsAcohnhQjk0J-0DahD2PlRoJer30OsxDK7Bg3gIAkXM5cds2H2TCkXiv53HM8OlMT70R54dcOLw8MwNC738mIq9D3qcVNNxwB6vkLfllgbp3z0sKLmmPUJugJV6QX9ba4VzdZcNV8OwcGnS5p-zqM9QJSV5a62efX4lMy4ugzFAe9zCxszPG9ZjcLcdw1WY5Xo_YG7GzsqlTw5K1_BsIvoo-_RmMhheoGO-0dOibmN3Ev77YRQSKep5jTi0wrT-7G8KbakHyo91jSVuyMXKQXDeJaMmotMaMW65cz53DZa7LVEYPPtROQ5jRQBsQbL8oe3cDlWCcZyk2h_Y8lud80EovGZShjecYE0ViQwR4FmOC-qmjWHR6no-vQZv5cPM909dlnWVgnr2qCnJyE2_c6nkHPWCgIVrkYolyE4FlNIrGAc5U2EiEclyi6-opZ_Y9hxRo6cfe5aPJs2zBxcMtHtAnq01LV3awrLS_KnJos3JHw1JO-Zjei_Y2wAAJzlstgM15i0hhJWvnSFPPwQoa6uJtt070dLMAvHgFrILBmtRIxLYs2Aw27gp3FKL8UfGwb0TxZRGorY-BCd7njkHOx8h86Fr3oPgWpYvpZjMuKJWJsfNpYAaAPds4QTAhkYsoXq13_wdOCiy_m8agHUVTyaZqKi6rKLzIldV_DAZltBjmVczxeONVcbUwV2Zx6x2K981bpJuYlW5_dhrKIkMJEDcNUq5hlavYeUQW73BSuRn5vI8F0jTAyGsy9BP8a1NxUQCg5VSE452M_kjY5Ob047sjTVWuPa-fi84Emgt5QLOnKTHngcVy-qeYvaX-o3aL2mbW8Zi5Hmh15Vgf24kbmkcMy1lkT7VR4DsaAlF0IIKIufJm957wjVwo-JOgUlCPsjTVN0YtVj5yMlgvdOd3VvmNEA3vzQ2X0rYBQoSRvq43CuKSZyxR7ERwp0NhlSpM2KQPI35pEJf2Y6vMfYQtbqgk7VLLRnhUg2ah5Nca6_5NVtVM6uWLrS5W9tmMWX6M4JWDAv-cwa6fC9Qx3U_AMBSDgOhIMtUr1EJPjeaPfxzuc0Di9rIo4hx-f6N0NfjEbeWCgRTZuNQnXi_O49rlvwKyS0P8yhpEiG8tQJWtYfwMo03ACy9vVj70EXJa90w-lgD2BvatZJ6JMd5LK65taZbKsVUynwvESwd9WlvK8ZzT4a1zM8UWERh0NmKPS7652FuRuEYxeHe9gD7cAdfpfg2qcZdxnhvqPISFVBL8oQSxGR4RjZGkf9c5VZBdL2tkdaUyjisUa7yfumz7mou0LTo1ugw32O6gprmITd1f2qogRr1NAfaSQkMmT-BDoyNk8bnuYJ6BgpzS5qPSs5f1ndGlZyuuMnkFuTsliWP88TNug1F6RiOj5jYZFwVru_HSpvfUN40Ys_IMvNjNJPe0fdl53mKUE0kCImONhzGPrVVrEx4uCmqd48J9FbX1KRnRdl71cBZawmeho3WtC8vEEP8ku_rJUhNxrbxVgME9L6gF5x8BQiVlRZkct3_1RzNwralqnWQDPDWrf2k90lrIyx6OM7YuvMgqhwOU2ZbSA24y_yna1K-Ndja53trrV-q3k0Lj7yQ8qGNnoVHGp6nSNhHzOaLS-aKbn-nwqjrCPwJL1rV-HlPly8u7xYNyl4q4sOnzTWKacFA772Kh3GuAqNYUyolySTeEBCALeF8tWskjS4-VO231vlTZaIwgiyncEM-hjVo_q_v-97NojSsP7NyyfSFbxruBd_g_bML68rbFyMVHCTRNHMiBP7Pby-Td8X9kJx1hjBpARhlgqubOMDlj-rUCqPyiNAAVq9sGSFOUAQ3bD7bh2Ex06ereJx7cy4JlbpoTrp452STyQF2DUETVtp7T0_cz45Agodg8bAbWXVcQDfA6qidwQ9jBCBWjP4pWRKBzQpN71FAGD1SS54VfqJjG54F_TL1CyOvqFj-BOvX3Vsd_zS-xP4txA&cid=CAASEuRo-WauCMsnl21oZRrY-3FOfA&rfl=2%2Chttps%253A%252F%252Flivehd7.vip%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:14:14 GMT content-encoding gzip x-content-type-options nosniff age 150 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3140 x-xss-protection 0 server cafe etag 17163059639670574047 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:14:14 GMT
GET H2	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 832F	24 KB 9 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWjl5y2nlO0xkA5lsXma9r5PGOHy4NW_qUsrzQ4ZHo6mKoSwYU6ZDWDxt9LdaL_5nrXLnWzosS0Nbm_SYLC-DE_Q12r4qn09ROH5HGVuaLuVFwzROcY7vY27a6ROf0xU8_XURkJvreRcJhTzgDMy9Ep1mG0A&dbm_d=AKAmf-APnQ9PghDId8g7HhVCR1iz1msvV_qXdhEYVC--ybTaa0AjB1iejMOmQXpzEg_Wa1HanxS0SKYe7KLsJBNPPKJXoYQuvDu0R7fJyPsax5n4Jk-N_UUTBVhDn3nZbO1ZabyBl_wzX1JdUMl3FPBA-jZjNZQKy8UkvxBuwcFKbfL8M3FPv5tOcuYIxXZMrY39EjQuvN7uRU5BQ5EBwZpku050SU7QcB0oWL4MEOTKs7qf6zUIhuJ5GKsE8s8jpe_AtpdeERnXxHN6nygpLoN8qmBxm78unAcrtCymZF1YVAtBgDkCo2wNcnJKY9RnpTe29yBb1Rl5xRp5ff6ys-8Xm2N6m8FXkH8kefRoO-0dZaAFA7i8wdL0Mv1Gmlt9xq8CNa5lIKraKysUt6Xszq1LN3ytaWJzTz_gpxK5n-B05Yel9dRjFLq0Or_QTb3Zj5UbN7PgonOCzNUmynko3yde4kWg9M0wDUXwjkS_bCD89GY8CGJt52Th36eU1AC4hMqYB9kBlWpOekGuutKjmf0mcAf7Fz1T1NEGbn8dpZN_NEca1ACDdM4C5XXS3peItc4EL9unBoqoK8ZtU-HfTEWDqT_-Ki9zTS2MaUFyMvXesArZYryDelQEV7Dfj2f2PG_e6BikNGsnPiMcgR2eyNfhBKFWg4jfKWdpyIrdUGOKC9Clsy4H84p9AEoxWd4wnes0b9llU5mj2ephISA02KyOZf5UIpVyd1FiRdJcs-XT3GLomSPq8wgJjz35qOZmMnFWpvT9PgBsk2l5Lrugd8z-l60sINkXxybSNRImTMKOX8Dh5SdCMO3Cl_jX53NoG0tbWRvLxd5fMUzu10Wui2oD5UflApPSF0EESKQoLckTveB4Mo8TStAK-Tc9gZKT75if5RXYw8V2X2E_uVnIwndYi1ZDxJ1JCyqzSunTai-qK4s3jZP1g375SArG3QxFm3T7fpNY0dsX4l_aJOw84_gbfiIn0tmhjnLxeDyRolyTbutgD5zjiUbFsYD1R1yQWeXvy9C1PPqxTvvvN0neabe84KYN4SMARsPYHhfpGMx1Nz9zGn-8KmZ4a7LWbqaDx1BMvz3cQdLRg4DxOwEh20gJ9S60xddfAWwRqqGSqdeB-r7XBdax0tlHGHCL58Z9kur0XcvoKj35iEx-dNIFgZ6epUalZVUe8ZkUwsAcohnhQjk0J-0DahD2PlRoJer30OsxDK7Bg3gIAkXM5cds2H2TCkXiv53HM8OlMT70R54dcOLw8MwNC738mIq9D3qcVNNxwB6vkLfllgbp3z0sKLmmPUJugJV6QX9ba4VzdZcNV8OwcGnS5p-zqM9QJSV5a62efX4lMy4ugzFAe9zCxszPG9ZjcLcdw1WY5Xo_YG7GzsqlTw5K1_BsIvoo-_RmMhheoGO-0dOibmN3Ev77YRQSKep5jTi0wrT-7G8KbakHyo91jSVuyMXKQXDeJaMmotMaMW65cz53DZa7LVEYPPtROQ5jRQBsQbL8oe3cDlWCcZyk2h_Y8lud80EovGZShjecYE0ViQwR4FmOC-qmjWHR6no-vQZv5cPM909dlnWVgnr2qCnJyE2_c6nkHPWCgIVrkYolyE4FlNIrGAc5U2EiEclyi6-opZ_Y9hxRo6cfe5aPJs2zBxcMtHtAnq01LV3awrLS_KnJos3JHw1JO-Zjei_Y2wAAJzlstgM15i0hhJWvnSFPPwQoa6uJtt070dLMAvHgFrILBmtRIxLYs2Aw27gp3FKL8UfGwb0TxZRGorY-BCd7njkHOx8h86Fr3oPgWpYvpZjMuKJWJsfNpYAaAPds4QTAhkYsoXq13_wdOCiy_m8agHUVTyaZqKi6rKLzIldV_DAZltBjmVczxeONVcbUwV2Zx6x2K981bpJuYlW5_dhrKIkMJEDcNUq5hlavYeUQW73BSuRn5vI8F0jTAyGsy9BP8a1NxUQCg5VSE452M_kjY5Ob047sjTVWuPa-fi84Emgt5QLOnKTHngcVy-qeYvaX-o3aL2mbW8Zi5Hmh15Vgf24kbmkcMy1lkT7VR4DsaAlF0IIKIufJm957wjVwo-JOgUlCPsjTVN0YtVj5yMlgvdOd3VvmNEA3vzQ2X0rYBQoSRvq43CuKSZyxR7ERwp0NhlSpM2KQPI35pEJf2Y6vMfYQtbqgk7VLLRnhUg2ah5Nca6_5NVtVM6uWLrS5W9tmMWX6M4JWDAv-cwa6fC9Qx3U_AMBSDgOhIMtUr1EJPjeaPfxzuc0Di9rIo4hx-f6N0NfjEbeWCgRTZuNQnXi_O49rlvwKyS0P8yhpEiG8tQJWtYfwMo03ACy9vVj70EXJa90w-lgD2BvatZJ6JMd5LK65taZbKsVUynwvESwd9WlvK8ZzT4a1zM8UWERh0NmKPS7652FuRuEYxeHe9gD7cAdfpfg2qcZdxnhvqPISFVBL8oQSxGR4RjZGkf9c5VZBdL2tkdaUyjisUa7yfumz7mou0LTo1ugw32O6gprmITd1f2qogRr1NAfaSQkMmT-BDoyNk8bnuYJ6BgpzS5qPSs5f1ndGlZyuuMnkFuTsliWP88TNug1F6RiOj5jYZFwVru_HSpvfUN40Ys_IMvNjNJPe0fdl53mKUE0kCImONhzGPrVVrEx4uCmqd48J9FbX1KRnRdl71cBZawmeho3WtC8vEEP8ku_rJUhNxrbxVgME9L6gF5x8BQiVlRZkct3_1RzNwralqnWQDPDWrf2k90lrIyx6OM7YuvMgqhwOU2ZbSA24y_yna1K-Ndja53trrV-q3k0Lj7yQ8qGNnoVHGp6nSNhHzOaLS-aKbn-nwqjrCPwJL1rV-HlPly8u7xYNyl4q4sOnzTWKacFA772Kh3GuAqNYUyolySTeEBCALeF8tWskjS4-VO231vlTZaIwgiyncEM-hjVo_q_v-97NojSsP7NyyfSFbxruBd_g_bML68rbFyMVHCTRNHMiBP7Pby-Td8X9kJx1hjBpARhlgqubOMDlj-rUCqPyiNAAVq9sGSFOUAQ3bD7bh2Ex06ereJx7cy4JlbpoTrp452STyQF2DUETVtp7T0_cz45Agodg8bAbWXVcQDfA6qidwQ9jBCBWjP4pWRKBzQpN71FAGD1SS54VfqJjG54F_TL1CyOvqFj-BOvX3Vsd_zS-xP4txA&cid=CAASEuRo-WauCMsnl21oZRrY-3FOfA&rfl=2%2Chttps%253A%252F%252Flivehd7.vip%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:13:37 GMT content-encoding gzip x-content-type-options nosniff age 187 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9506 x-xss-protection 0 server cafe etag 11173536317444432557 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:13:37 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 832F	41 KB 15 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 00:41:17 GMT content-encoding gzip x-content-type-options nosniff age 117327 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 10 Nov 2022 00:41:17 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 6B61	1 KB 788 B	7ms 7ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 10 Nov 2021 18:26:41 GMT expires Thu, 11 Nov 2021 18:26:41 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 53403 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 832F	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4b55960d7b6129b52ef0e468fecc04218e605770bd916e67e6ded9b7f5115f5a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/ Frame CE1D	4 KB 1 KB	16ms 16ms	Document text/html	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/index.html?e=69&leftOffset=0&topOffset=0&c=uY8xh0vRIH&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc7501289a5288c6c1c6335e8051d32d0b645860fc617c4cfb264afcbf9b2fa1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * content-length 999 date Thu, 11 Nov 2021 09:16:44 GMT expires Fri, 12 Nov 2021 09:16:44 GMT cache-control public, max-age=86400 last-modified Wed, 27 Oct 2021 13:50:38 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 832F	0 24 B	62ms 47ms	Ping image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKrK8VACf0Pq1GUK51-2FwQIs1pNH9L6YV1VWtBugRZgmUafR-qn0c-bNsnPXmjKYk4RsusHS76JPQeByKYrUA4_BHzhoVnRxvhuO5_JKARlmvuw041ihTwo6n5VzgwfgEVCdFL95KpLvnBpPyJ-wvIwekSeSrzDIzBV41rfwgZdaEriz_igM7LB3jtli2zPhFZiIqt9veYjFKJ-th2jX-uTZAxw8Sq-y3HXBntglj7wgux041VbSn0sE1PDpdDuM42Q-QjasNDhg6Yzie4UaBHLuTjQGGaQ5SL-_lPBlbHncre-os7CpBraeHaCHteH1O0Taavet8P-3U3JVOGcjNcq8y4Jz2jlABDw2IG13Ctsq5nfo1zhUs5dSTPtZmdqVursx2KeRtGDs4biMkrwHbSaOza0a_aVgL8lNlq16A2vcSIo0j-s3nPzLDpu_oxqEUv0B5w5TdW4aBBjXmza8813R3ylvTh3kgzRH6fHYOubZEVn07CUfqgbKrECAijPhr5YaUfNtyDlUt_Bmc66EKqnSolNRQH2KwAHSND9soqQhnmY60yuGI82W64c7xiTD6OA0qnB2ZeOB9Wr80Mz_3ruYhMn4bwr4onBQ80SKa6kUgLbi3_HjnJ52E41Qpoyn9B4gFlBn0XkVWXk4BoT9mRk4z6uknnXKzQGh4JQnz6uyvrUrsdBHrJs25gIUtLxD9B_skOxbI8gbUraEhBsgLIG8YnQJUyew8wDYCQ4ggTKaB8v5X6uQH3W9YNrijSGRq_kiAQRoV94gnUs0iuML6bGbMkNMly-hQSXYxlTY08rDJultga7hQJlsptzNSgCwd6nvyjh7BxKZLZDD0PBACeSIdPOMPvKp_okWmefl0MttiHmC5udpgvvQowGIjxQE6C-iLLs_qOfEEa6ERawtaWgP1eWnGKwfA5cL-9c_kA7NLIVYXuEgSXIyGSNdHAisUSTYL_y_RWe2StpCrzJf6r32fxszBV0jBGSTTz-r6Z01L3WP-XBZBjdKemXYwmDiHbCO8dBasxFefxltBJxxAE2fwrtqRqwhv0N0wMcV3D9dQuVpsA3Dc9HIy3tJSjOdQV1k7LO-vS0Evt-pFrAWjQGji-6bqWgVF1lGGdbo5FAbES1WaSMA218IVhuCiKUEMSBU2LjaNvHMAnMo3YHjJImZsqNzPWbNY4AlzvqyGRnH_iWPWSCSrfZa376aRmVW25cnbFixaL6lVPNfE2C0iZX_tRznLPJWJ4Q&sai=AMfl-YTCnOIUP2r098ivRETkBWwy4plIKpoQZo7Zm5pvV57fKUjxGUWXVGgqkL36Gpsqns8oOSPjJsueDRBL-j3XuJD7ui3PfwalwVWTXXM1a0qYUmNGZ2Rn7n6m0TupUBZ_wW8-BrdfEC6SBgEGEE56bpzkUhCBuA&sig=Cg0ArKJSzKDdCHfwM9bmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=60&cbvp=1&cstd=53&cisv=r20211108.29247&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Thu, 11 Nov 2021 09:16:44 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 783C	22 KB 8 KB	7ms 7ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Wed, 10 Nov 2021 00:41:17 GMT expires Thu, 10 Nov 2022 00:41:17 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 117327 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6B61 Redirect Chain https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJst5uwvPQ7waSmNrUH5h8SAg-dQPwM_GMrY_R... https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVl6ZmZBQUFCWVVZdDIzSg&google_push=AYg5qPJst5uwvPQ7waSmNrUH5h8SAg-dQPwM_GMrY_RfIY3CfWfCetaad1izapUjQH0BQ-3Ot4h7Z6n3polTUYQCRJmGj7j6V8A	170 B 188 B	27ms 27ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVl6ZmZBQUFCWVVZdDIzSg&google_push=AYg5qPJst5uwvPQ7waSmNrUH5h8SAg-dQPwM_GMrY_RfIY3CfWfCetaad1izapUjQH0BQ-3Ot4h7Z6n3polTUYQCRJmGj7j6V8A Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVl6ZmZBQUFCWVVZdDIzSg&google_push=AYg5qPJst5uwvPQ7waSmNrUH5h8SAg-dQPwM_GMrY_RfIY3CfWfCetaad1izapUjQH0BQ-3Ot4h7Z6n3polTUYQCRJmGj7j6V8A Date Thu, 11 Nov 2021 09:16:44 GMT Server Apache Connection keep-alive Content-Length 390 Content-Type text/html; charset=iso-8859-1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6B61 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJXSObuFtn4DhOoMSfcyeLI&google_push=AYg5qPKojrOgkwePXUBM8M4lMr4PC6zaGmE1VYqzHvwiiBfa0DkghdPvjg...	170 B 188 B	25ms 24ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJXSObuFtn4DhOoMSfcyeLI&google_push=AYg5qPKojrOgkwePXUBM8M4lMr4PC6zaGmE1VYqzHvwiiBfa0DkghdPvjgbMWzZX4ShQaXJsp_9MGAMAACTXQtem4HeDZbR5OfU Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1636622204.364767,VS0,VE80 x-served-by cache-cdg20726-CDG x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJXSObuFtn4DhOoMSfcyeLI&google_push=AYg5qPKojrOgkwePXUBM8M4lMr4PC6zaGmE1VYqzHvwiiBfa0DkghdPvjgbMWzZX4ShQaXJsp_9MGAMAACTXQtem4HeDZbR5OfU cache-control no-cache accept-ranges bytes access-control-allow-origin * content-length 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6B61 Redirect Chain https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEChPr0nAsNZXJowiNp9f7tQ&google_cver=1&google_push=AYg5qPL6Ij6ckk32exMBZkAgCwSYgvf9G2cGR0PZ_heAsvjpDmfQWRO-wfR2f... https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEChPr0nAsNZXJowiNp9f7tQ&google_cver=1&google_push=AYg5qPL6Ij6ckk32exMBZkAgCwSYgvf9G2cGR0PZ_heAsvjpDmfQWRO-wfR2f... https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=jqVTxAxBi_pGnqkAX04ZWQ&google_push=AYg5qPL6Ij6ckk32exMBZkAgCwSYgvf9G2cGR0PZ_heAsvjpDmfQWRO-wfR2fKYd1U37L0vzoM1aTm3xP...	170 B 188 B	22ms 22ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=jqVTxAxBi_pGnqkAX04ZWQ&google_push=AYg5qPL6Ij6ckk32exMBZkAgCwSYgvf9G2cGR0PZ_heAsvjpDmfQWRO-wfR2fKYd1U37L0vzoM1aTm3xPXt_XS10zJBlIiAHknaE Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 11 Nov 2021 09:16:44 GMT Server nginx Vary Accept P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=jqVTxAxBi_pGnqkAX04ZWQ&google_push=AYg5qPL6Ij6ckk32exMBZkAgCwSYgvf9G2cGR0PZ_heAsvjpDmfQWRO-wfR2fKYd1U37L0vzoM1aTm3xPXt_XS10zJBlIiAHknaE Connection close Content-Type text/plain; charset=utf-8 Content-Length 238
GET		google pix.impdesk.com/csync/ Frame 6B61	0 0
GET		pixel cm.g.doubleclick.net/ Frame 6B61 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi...	0 0
GET H/1.1	200 OK	sync ssbsync.smartadserver.com/api/ Frame 6B61	0 75 B	99ms 17ms	Image text/plain	185.86.137.108 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAx1sR7tC8MF3PIYIknQVoM&google_cver=1&google_push=AYg5qPK9_TebcqZrFgn6pbZ4eAbcgIiJVhV8sLUezwUpnN_gXW-ZaxI8mSuBxSGqIdh8gfPEdI0gSr5glxUoL22PZEf2WCrw-Syf Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:43 GMT content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6B61 Redirect Chain https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJf4FIqYDx4SV2LE6VmXFrw&google_cver=1&google_push=AYg5qPI_l2UdumaiNnAz99bPPHVs6Fa7XdZcTLu5IFwQjkv1jNbyr3LSeuLrHt6pBTPdidazRQ... https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SSGtDbVVORTJ1RWprLkkya0gwRWtSVVZ4bWpmYXFiZn5B&google_push=AYg5qPI_l2UdumaiNnAz99bPPHVs6Fa7XdZcTLu5IFwQjkv1jNbyr3LSe...	170 B 188 B	25ms 25ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SSGtDbVVORTJ1RWprLkkya0gwRWtSVVZ4bWpmYXFiZn5B&google_push=AYg5qPI_l2UdumaiNnAz99bPPHVs6Fa7XdZcTLu5IFwQjkv1jNbyr3LSeuLrHt6pBTPdidazRQt1jkAdQOCmn1qQG0ZqUxlRaRUK Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SSGtDbVVORTJ1RWprLkkya0gwRWtSVVZ4bWpmYXFiZn5B&google_push=AYg5qPI_l2UdumaiNnAz99bPPHVs6Fa7XdZcTLu5IFwQjkv1jNbyr3LSeuLrHt6pBTPdidazRQt1jkAdQOCmn1qQG0ZqUxlRaRUK date Thu, 11 Nov 2021 09:16:44 GMT server ATS/9.1.0.33 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 6B61	0 12 B	15ms 15ms	Image text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5IVjm9jNiE_D-J_1zd_Py4tvxKQUQBCxkLXhQ5i16eksJwk78tHH989CAEd43GKiuxmehAA Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:44 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	hp_styles.css s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/ Frame CE1D	3 KB 927 B	14ms 13ms	Stylesheet text/css	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/index.html?e=69&leftOffset=0&topOffset=0&c=uY8xh0vRIH&t=1&renderingType=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81d554f2080c5ff85db7741a59e31c55b64fa7f1e2e0e42b2c48dc6d611815f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/index.html?e=69&leftOffset=0&topOffset=0&c=uY8xh0vRIH&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:15:31 GMT content-encoding gzip x-content-type-options nosniff age 36073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 833 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:38 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:15:31 GMT
GET H2	200	tweenmax_2.1.2_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame CE1D	113 KB 39 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/index.html?e=69&leftOffset=0&topOffset=0&c=uY8xh0vRIH&t=1&renderingType=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/index.html?e=69&leftOffset=0&topOffset=0&c=uY8xh0vRIH&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:44 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39910 x-xss-protection 0 last-modified Mon, 11 Mar 2019 14:29:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 09:16:44 GMT
GET H2	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame CE1D	118 KB 40 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/index.html?e=69&leftOffset=0&topOffset=0&c=uY8xh0vRIH&t=1&renderingType=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/index.html?e=69&leftOffset=0&topOffset=0&c=uY8xh0vRIH&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 15:17:46 GMT content-encoding gzip x-content-type-options nosniff age 64738 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 15:17:46 GMT
GET H2	200	hp_main.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/ Frame CE1D	5 KB 1006 B	14ms 14ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/index.html?e=69&leftOffset=0&topOffset=0&c=uY8xh0vRIH&t=1&renderingType=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15b8f8934f34b0c8d91f304c45561a5f4f27c84b6ab4629f7b01f775032f1355 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/index.html?e=69&leftOffset=0&topOffset=0&c=uY8xh0vRIH&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:15:31 GMT content-encoding gzip x-content-type-options nosniff age 36073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 940 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:38 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:15:31 GMT
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame 783C	35 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 12:16:50 GMT content-encoding br x-content-type-options nosniff age 75594 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 10 Nov 2022 12:16:50 GMT
GET H2	200	rtl-logo.png s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/ Frame CE1D	7 KB 7 KB	10ms 9ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/rtl-logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5774bdf4e6b2687da595a90319b30b6d04405279ae8059202cc06b310aba44d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:15:31 GMT x-content-type-options nosniff age 36073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7086 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:38 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:15:31 GMT
GET H2	200	bgImg1.jpg s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/ Frame CE1D	32 KB 32 KB	10ms 10ms	Image image/jpeg	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/bgImg1.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44f363232e671cb6aff6e0cc3f1d7018f548914b4c8b4bfdc7eba2cac67789fe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:15:31 GMT x-content-type-options nosniff age 36073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32294 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:38 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:15:31 GMT
GET H2	200	txt_sprite01.png s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/ Frame CE1D	4 KB 4 KB	14ms 14ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/txt_sprite01.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b2f92fc61b2d1c008e6507cc01f6c8e1897174fe6150eff058f6a3aa4e5fcc7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:15:31 GMT x-content-type-options nosniff age 36073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4175 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:38 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:15:31 GMT
GET H2	200	txt_sprite02.png s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/ Frame CE1D	6 KB 6 KB	14ms 14ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/txt_sprite02.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7dd910aee09cc9e6a36874be439c596fb0dd0125e3f7cd23784ddf7a29777d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:15:31 GMT x-content-type-options nosniff age 36073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5814 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:38 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:15:31 GMT
GET H2	200	cta_01.png s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/ Frame CE1D	2 KB 2 KB	13ms 13ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/cta_01.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc532b862f1293ba8828145d9590d8cd8728976cb26f6ada4e33ad71adf649b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:15:31 GMT x-content-type-options nosniff age 36073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2140 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:38 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:15:31 GMT
GET H2	200	cta_02.png s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/ Frame CE1D	2 KB 2 KB	15ms 14ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/cta_02.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d31872073e36d062fab678c1339ca6f5de3c14f4d4fffc2ffd7213a3ffa3f1be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:15:31 GMT x-content-type-options nosniff age 36073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2128 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:38 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:15:31 GMT
GET H2	200	logo_ende.png s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/ Frame CE1D	1 KB 1 KB	14ms 14ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/logo_ende.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a26b5a9ff8a0fedc4429f460f3e206053b84602717713d0b685650575ecfe53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61947054/20211027065038112/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 23:15:31 GMT x-content-type-options nosniff age 36073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1107 x-xss-protection 0 last-modified Wed, 27 Oct 2021 13:50:38 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 23:15:31 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 832F	0 23 B	44ms 44ms	Ping image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKrK8VACf0Pq1GUK51-2FwQIs1pNH9L6YV1VWtBugRZgmUafR-qn0c-bNsnPXmjKYk4RsusHS76JPQeByKYrUA4_BHzhoVnRxvhuO5_JKARlmvuw041ihTwo6n5VzgwfgEVCdFL95KpLvnBpPyJ-wvIwekSeSrzDIzBV41rfwgZdaEriz_igM7LB3jtli2zPhFZiIqt9veYjFKJ-th2jX-uTZAxw8Sq-y3HXBntglj7wgux041VbSn0sE1PDpdDuM42Q-QjasNDhg6Yzie4UaBHLuTjQGGaQ5SL-_lPBlbHncre-os7CpBraeHaCHteH1O0Taavet8P-3U3JVOGcjNcq8y4Jz2jlABDw2IG13Ctsq5nfo1zhUs5dSTPtZmdqVursx2KeRtGDs4biMkrwHbSaOza0a_aVgL8lNlq16A2vcSIo0j-s3nPzLDpu_oxqEUv0B5w5TdW4aBBjXmza8813R3ylvTh3kgzRH6fHYOubZEVn07CUfqgbKrECAijPhr5YaUfNtyDlUt_Bmc66EKqnSolNRQH2KwAHSND9soqQhnmY60yuGI82W64c7xiTD6OA0qnB2ZeOB9Wr80Mz_3ruYhMn4bwr4onBQ80SKa6kUgLbi3_HjnJ52E41Qpoyn9B4gFlBn0XkVWXk4BoT9mRk4z6uknnXKzQGh4JQnz6uyvrUrsdBHrJs25gIUtLxD9B_skOxbI8gbUraEhBsgLIG8YnQJUyew8wDYCQ4ggTKaB8v5X6uQH3W9YNrijSGRq_kiAQRoV94gnUs0iuML6bGbMkNMly-hQSXYxlTY08rDJultga7hQJlsptzNSgCwd6nvyjh7BxKZLZDD0PBACeSIdPOMPvKp_okWmefl0MttiHmC5udpgvvQowGIjxQE6C-iLLs_qOfEEa6ERawtaWgP1eWnGKwfA5cL-9c_kA7NLIVYXuEgSXIyGSNdHAisUSTYL_y_RWe2StpCrzJf6r32fxszBV0jBGSTTz-r6Z01L3WP-XBZBjdKemXYwmDiHbCO8dBasxFefxltBJxxAE2fwrtqRqwhv0N0wMcV3D9dQuVpsA3Dc9HIy3tJSjOdQV1k7LO-vS0Evt-pFrAWjQGji-6bqWgVF1lGGdbo5FAbES1WaSMA218IVhuCiKUEMSBU2LjaNvHMAnMo3YHjJImZsqNzPWbNY4AlzvqyGRnH_iWPWSCSrfZa376aRmVW25cnbFixaL6lVPNfE2C0iZX_tRznLPJWJ4Q&sai=AMfl-YTCnOIUP2r098ivRETkBWwy4plIKpoQZo7Zm5pvV57fKUjxGUWXVGgqkL36Gpsqns8oOSPjJsueDRBL-j3XuJD7ui3PfwalwVWTXXM1a0qYUmNGZ2Rn7n6m0TupUBZ_wW8-BrdfEC6SBgEGEE56bpzkUhCBuA&sig=Cg0ArKJSzKDdCHfwM9bmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=166&vt=11&dtpt=106&dett=3&cstd=53&cisv=r20211108.29247&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: livehd7.vip URL: https://livehd7.vip/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:44 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame CE1D	7 KB 5 KB	19ms 18ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fbd2309df2acee8ff1c9afca4fe51c384398fe6da40de99ba8da29865bf9bbd3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:16:44 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5232 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame CE1D	17 KB 6 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:16:44 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 11 Nov 2021 09:16:44 GMT
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame BE34	35 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 12:16:50 GMT content-encoding br x-content-type-options nosniff age 75594 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 10 Nov 2022 12:16:50 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B209	42 B 174 B	49ms 48ms	Fetch image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFTivw23-vYwS8FBL9kiW12nUcsItvZ3lQQ38bhlgUrmAg2zzLrpcCapM60mNSVt7t1c4eC3W1bWuhfRC3wo5vPPF7LgxCmphBPRaq6DymIJrG4C_dwg&sai=AMfl-YTsoqlXHPSPSCPRumMDUUIf7xwkF3kQuyI5TtQduHt9fyqdZVe-li2bs1Uwayju1WuALgPqMp40tvKyIbGt6XdUU0LyJNhlM3GhbG-wR0bvJMXLiJI4MY8zdJVH&sig=Cg0ArKJSzOIE9tsGEredEAE&cid=CAASEuRox9ymb-FflZTu1Tq5pH_jww&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3569025641&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636622203051&rpt=122&isd=0&lsd=0&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 783C	0 56 B	43ms 43ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5VOmfN-MYbbcC9Wrx_AP37eAsAkAAAAAOAHgBAI&bg=!UFOlUxfNAAYDGbPvAxk7ACkAdvg8WrusIWdmu0VIQcdML4sxffEwsrzF168PHtt72QpucsXb3irE7wIAAAC0UgAAACFoAQeZA1F1A1Y8_P3YA5Frl4DV-aVMI4mITtZWn1ajPJ9ESCuWY51g7SECqqKLMGH0QoSOGj_Bh7Vcu-itv6V-GUKKEiC0U9R8e5XiQa8I8Ppv6Ywn4WyUYXb6DAqn_jKXR9fpK3ftlyAbXnC7Jum3pFlhGFXXCxH0PW62pLY6ePsLlqIzeO1Z0r-Z1qapQ8LBu-QIJZLqYvwOhEJyzhK7CJkxnt-Z6XQdiDVG6oQ_k-IDbJnlL_U22DL4hJHigcdWbHt81BAo8dHdCwMDaHwztkBiX6RiBwQIw-3fP1wdHaYNyjzNZABMnxq5bMKWQ9rAalv_KV4cFsgV-QqMqgfVO8-7tp66ZLjSHlXUSyTKyJgc7B5aaMs__B-Ex2yZJQW5QD2yB98BDegNdgG42ZfinFvkBW_hMp4I9WtEXiIqPefiA8lRfxc27I29sIRkZMCXI4ERrmDLJweyqNIxeTkx_pJK4in0eF_uJY-HSAfM3FpyyRDSTpMAC0zI5jyXoQhFRIexfGn_gg2sC6VPcOye_iMVxQumfe9bgLqVtr8yQ5hcXtbI7IkgH-vy-O3wnOg6Aa5q1tEIVFtt-h5HCvllqAsmwVg8DLiD7gSGZ6b6CNMMolfug50LTilpL_Ru2hT15b1qKF8NezRbtCZLgySs8dKH4MJPj17ZztcMq7D0mkB45sNIQnxKOv5VzPIzhj0VWgAKx1VFEjVOoGjbw3_edDmJJzpUybWCj88TNIGuKEkXYZjsBYxcz-TD2kpt7V-aGgGEJ0KznXLiclktMkiITFzsiD7qItuXqEgTqf4w8wt8VkS3xyyaiwQtrIH2ptieI-QWJhNaL2QV94hxyKVn8WV5FBJ5eZCQp8fGspCYZKTZBmkGxAhr1rvPydIcTsxlRWcW5FcEpyA8pJ4x_d_faI7x-ClkIF2AABLChkiYoWzR7eHCARg4hC_OymovMnZwTUtWmIATerUw_r4RDIfHxq1p_IBDIihRP5Hxp2tixT1yFK5k-P0icr557T5Baesl-hchSAK8xvmsuZeiPq95F0cv5i9z-GQSS6Agk0hGcs4KbOOxdIOCT1Bux-gJKCFclIRvehqnctSXVWYOXjFcJ574ZYYjCkMxwHgDi-PZ4rUNTp5C2TU Requested by Host: 2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com URL: https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:44 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	64ms 20ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flivehd7.vip%2F&domain=livehd7.vip&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://livehd7.vip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://livehd7.vip access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1368 date Thu, 11 Nov 2021 09:16:45 GMT content-encoding gzip vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flivehd7.vip%2F&domain=livehd7.vip&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=jbFz23xQb0lZNmkyd05wd3d6bjZaODVmT0RkV1ZNVFR6bjdpb1B1MkEwa2RhZVM1enBrNFhIdmZnVzZ6bTg0ZmhmZEZ2aHNlOWU3Q3doUEhkZnNxUmozY3Y5cXgzUEhNcE1iVG5rMldwTjBtZ0gxQmcyaGZjWEF2c25ScT...	350 B 608 B	50ms 17ms	XHR application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=jbFz23xQb0lZNmkyd05wd3d6bjZaODVmT0RkV1ZNVFR6bjdpb1B1MkEwa2RhZVM1enBrNFhIdmZnVzZ6bTg0ZmhmZEZ2aHNlOWU3Q3doUEhkZnNxUmozY3Y5cXgzUEhNcE1iVG5rMldwTjBtZ0gxQmcyaGZjWEF2c25ScTFPV2pYQVh0L1FlNjlJWENINjhHRnpCMUdmYTgwVDNOQkhaWitoMFp4dTQ2SGQ1Z0hEOFYxbi93RWVOcXl1OElxZVVLU1VPK1B1b2k3bWdqVHJPRHI5MlRyNjNnamlrT0lOdlhubk1WS2tjUnh5aFl5ZE1vPXw&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash dfdf99d96ef31a2659c10459ba24452df57cbf546ba9db4954fde46a5f1e6059 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://livehd7.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Thu, 11 Nov 2021 09:16:45 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2156 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Thu, 11 Nov 2021 09:16:45 GMT location https://mug.criteo.com/sid?cpp=jbFz23xQb0lZNmkyd05wd3d6bjZaODVmT0RkV1ZNVFR6bjdpb1B1MkEwa2RhZVM1enBrNFhIdmZnVzZ6bTg0ZmhmZEZ2aHNlOWU3Q3doUEhkZnNxUmozY3Y5cXgzUEhNcE1iVG5rMldwTjBtZ0gxQmcyaGZjWEF2c25ScTFPV2pYQVh0L1FlNjlJWENINjhHRnpCMUdmYTgwVDNOQkhaWitoMFp4dTQ2SGQ1Z0hEOFYxbi93RWVOcXl1OElxZVVLU1VPK1B1b2k3bWdqVHJPRHI5MlRyNjNnamlrT0lOdlhubk1WS2tjUnh5aFl5ZE1vPXw&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://livehd7.vip cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2245 content-length 482 expires 0
POST H/1.1	200	692.json Show response id5-sync.com/g/v2/	213 B 529 B	46ms 10ms	XHR application/json	51.195.5.234 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/692.json Requested by Host: player.adtcdn.com URL: https://player.adtcdn.com/prebidlink/454617/hb_323303_12149.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.195.5.234 , France, ASN16276 (OVH, FR), Reverse DNS p36.id5-sync.com Software / Resource Hash 52ad977c8ba02f260bb465c3b975fb9a9f89ee2a3bd48ab76867f368cd04a134 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://livehd7.vip/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://livehd7.vip Date Thu, 11 Nov 2021 09:16:37 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type application/json;charset=UTF-8
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 832F	42 B 108 B	49ms 48ms	Fetch image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjjfUgU2NJ8vPOnjGYc0PY8bXjTeo9Bd_IhWbFddKmUtq93FlRRhxH7ZVHELzVtKlmZd4T9e3VrBwG9r0y3V237BpsPiP-37KJJZTk_8Ut-3_tZQd6eg&sai=AMfl-YTwu6IgoFtLj3XvzR1Xbmu4AXIuI3ODxH50xBwIW4iHP8jHRb0R_rg6OEKlsR3ROl4mcJn01jJuVsz9Pq32XIOQc1TTQASan3GgcDZehOQDFODgGbG39VnQJPdd&sig=Cg0ArKJSzCeCktcZLZ-OEAE&cid=CAASEuRo-WauCMsnl21oZRrY-3FOfA&id=lidar2&mcvt=1001&p=601,-181,641,-140&mtos=982,982,1001,1024,1024&tos=982,0,19,23,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2873352456&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636622203762&rpt=115&isd=0&lsd=0&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://2101927cb2276508a27d7b356a7daa89.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:16:46 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	81ms 18ms	Preflight application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=jbFz23xQb0lZNmkyd05wd3d6bjZaODVmT0RkV1ZNVFR6bjdpb1B1MkEwa2RhZVM1enBrNFhIdmZnVzZ6bTg0ZmhmZEZ2aHNlOWU3Q3doUEhkZnNxUmozY3Y5cXgzUEhNcE1iVG5rMldwTjBtZ0gxQmcyaGZjWEF2c25ScTFPV2pYQVh0L1FlNjlJWENINjhHRnpCMUdmYTgwVDNOQkhaWitoMFp4dTQ2SGQ1Z0hEOFYxbi93RWVOcXl1OElxZVVLU1VPK1B1b2k3bWdqVHJPRHI5MlRyNjNnamlrT0lOdlhubk1WS2tjUnh5aFl5ZE1vPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1028 date Thu, 11 Nov 2021 09:16:45 GMT content-encoding gzip vary Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_push=AYg5qPK1zpWvvuY8XdwX2zPbXFKHFEj01RCAgJKUfyXyWm9oRAYIDkdhdmAtfealmnhisNxVrxxP7OSS8bwuygkvgwBQ5rVJ1vg&google_cver=1

Domain

sync.adtelligent.com

URL

https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c342ab72-b0f3-4231-8c4e-48b3510c58f1

Domain

sync.adtelligent.com

URL

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D

Domain

pix.impdesk.com

URL

https://pix.impdesk.com/csync/google?google_gid=CAESEMlQhf6gR2LAO_MPXglSr1U&google_cver=1&google_push=AYg5qPLn7qFBnuat3kRB_f_59WCspzLiDCRuQUfK_oTGzQQ8WGWVtV5tNrjKBwGUulVZIstRiuWp4ThH6I4FLCjzcP5Ifh-flm52

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzfe7TxljIHqFA6n_QHzgAABKoAAAAB&google_push=AYg5qPKS48pECzd-bnWvgcq2eCXwvC1N9zAo-o2toXi2LKujLZgbe6NjGdm38Py9ZvC0wmaIWs0AKWoI1henx_Zhdi2DjCWpupoM&google_gid=CAESEPfwgMJRlWBgb1o7pLq1JGU&google_cver=1