Submitted URL: http://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Effective URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Submission: On July 28 via api from US — Scanned from DE

Summary

This website contacted 43 IPs in 7 countries across 27 domains to perform 221 HTTP transactions. The main IP is 13.225.78.98, located in United States and belongs to AMAZON-02, US. The main domain is dlive.tv. The Cisco Umbrella rank of the primary domain is 142652.
TLS certificate: Issued by Amazon on July 27th 2022. Valid for: a year.
This is the only time dlive.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 61 13.225.78.98 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 13.224.189.97 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 13.225.78.65 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 18.203.191.36 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
7 13.225.78.7 16509 (AMAZON-02)
3 13.224.189.40 16509 (AMAZON-02)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
1 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
3 142.250.186.130 15169 (GOOGLE)
2 2 104.18.19.126 13335 (CLOUDFLAR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
5 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
3 54.187.119.242 16509 (AMAZON-02)
2 13.224.189.59 16509 (AMAZON-02)
1 52.27.131.183 16509 (AMAZON-02)
221 43
Apex Domain
Subdomains
Transfer
83 dlive.tv
dlive.tv — Cisco Umbrella Rank: 142652
graphigo.prd.dlive.tv — Cisco Umbrella Rank: 155858
3 MB
30 dlivecdn.com
images-sihv2.prd.dlivecdn.com — Cisco Umbrella Rank: 823330
images.prd.dlivecdn.com — Cisco Umbrella Rank: 978623
image.dlivecdn.com
1 MB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
222 KB
15 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 96
94 KB
14 criteo.net
static.criteo.net — Cisco Umbrella Rank: 615
pix.eu.criteo.net — Cisco Umbrella Rank: 7179
csm.eu.criteo.net — Cisco Umbrella Rank: 7348
29 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
851 KB
10 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
20 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1872
q.stripe.com — Cisco Umbrella Rank: 14306
m.stripe.com — Cisco Umbrella Rank: 1639
81 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
5 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 434
firebase.googleapis.com — Cisco Umbrella Rank: 7454
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 658
126 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5701
adservice.google.de — Cisco Umbrella Rank: 8252
1 KB
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11035
ads.eu.criteo.com — Cisco Umbrella Rank: 7319
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9222
53 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2007
18 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
501 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
partner.googleadservices.com — Cisco Umbrella Rank: 873
16 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
111 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1431
296 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 333
456 B
1 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 634
166 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1686
351 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 622
98 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1090
463 B
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1409
689 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
43 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
45 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226
9 KB
221 27
Domain Requested by
61 dlive.tv 1 redirects dlive.tv
22 graphigo.prd.dlive.tv dlive.tv
20 images-sihv2.prd.dlivecdn.com dlive.tv
14 www.google.com dlive.tv
www.gstatic.com
www.google.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
10 pagead2.googlesyndication.com dlive.tv
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
10 www.gstatic.com www.google.com
www.gstatic.com
7 static.criteo.net ads.eu.criteo.com
7 images.prd.dlivecdn.com dlive.tv
6 googleads.g.doubleclick.net www.googleadservices.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 pix.eu.criteo.net ads.eu.criteo.com
5 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 www.google-analytics.com dlive.tv
www.google-analytics.com
3 q.stripe.com dlive.tv
3 cm.g.doubleclick.net googleads.g.doubleclick.net
3 image.dlivecdn.com dlive.tv
3 js.stripe.com dlive.tv
js.stripe.com
3 www.google.de dlive.tv
2 m.stripe.network js.stripe.com
m.stripe.network
2 csm.eu.criteo.net ads.eu.criteo.com
2 ssum-sec.casalemedia.com 2 redirects
2 fonts.gstatic.com www.google.com
2 www.facebook.com dlive.tv
2 firebaseinstallations.googleapis.com dlive.tv
2 firebase.googleapis.com dlive.tv
2 connect.facebook.net dlive.tv
connect.facebook.net
1 m.stripe.com m.stripe.network
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 image6.pubmatic.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 id.rlcdn.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 imasdk.googleapis.com dlive.tv
1 www.googletagmanager.com dlive.tv
1 cdnjs.cloudflare.com dlive.tv
221 45

This site contains links to these domains. Also see Links.

Domain
go.dlive.tv
gettr.com
crowdbunker.com
Subject Issuer Validity Valid
dlive.tv
Amazon
2022-07-27 -
2023-08-25
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
www.google.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.prd.dlivecdn.com
Amazon
2022-07-15 -
2023-08-13
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-05-06 -
2022-08-04
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.google.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
www.google.de
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2022-05-20 -
2022-09-25
4 months crt.sh
*.google.de
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.prd.dlive.tv
Amazon
2022-07-13 -
2023-08-11
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-05-22 -
2022-08-24
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-05-27 -
2022-08-25
3 months crt.sh
*.dlivecdn.com
Amazon
2022-06-02 -
2023-07-02
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-07-22 -
2022-10-19
3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-04 -
2023-02-03
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-15 -
2023-04-15
a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-12 -
2022-09-12
3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-05-25 -
2022-09-08
4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-11 -
2022-10-19
3 months crt.sh

This page contains 16 frames:

Primary Page: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Frame ID: C5D34A5E7D5727637BD8EC97DA30E776
Requests: 147 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xxita58r164g
Frame ID: 0161523FFB6084FCB7C450C680E236B8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=ljv6mtholdp1
Frame ID: E35A9BE774067A17C2FE50C239DCC268
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xxita58r164g
Frame ID: E1D5FC4F84F594101EDC641D00E6A044
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=ljv6mtholdp1
Frame ID: 4461644745FC5D159961A36E89A298E9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20190131/zrt_lookup.html
Frame ID: CDC5151E89943602A26AE5AB81B38ADC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Frame ID: 34D569ACD61731D2D135FDC9522E0F17
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&adk=1812271804&adf=3025194257&lmt=1658991156&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156344&bpp=2&bdt=1504&idt=407&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&prev_fmts=128x256&nras=1&correlator=2280627204853&frm=20&pv=1&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=414
Frame ID: 23BF71A94347EF79DE8431A0A7AD3994
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
Frame ID: 17A587F0E9CD975E9B885E298A6EC783
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
Frame ID: C1AEDB4384C2A8A8312930F668FB9B34
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Frame ID: DDD6E9E902B208D56E6A7FCD614EC925
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EF29161A3DF54DF80798C3E198793C86
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9e7b0f09082e3e3828541eddc9ec63b1.html
Frame ID: 58EFC178C6AE5B2D9C10F3C11C2DE39C
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9B28529C72395965932E2B42969B300B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B60D484E9872622A9D6B110BD0E8CE9D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E75382A8BFE86B731D4464516B765EA0
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

JohnDukeofLancaster · DLive

Page URL History Show full URLs

  1. http://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe HTTP 301
    https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

221
Requests

98 %
HTTPS

57 %
IPv6

27
Domains

45
Subdomains

43
IPs

7
Countries

5795 kB
Transfer

15176 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe HTTP 301
    https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 167
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELgmuiJ9W1LR2O7MQ3__gnc&google_cver=1&google_push=AehlK4BiNzmEz5PgYlR8y17VLeFy-l-Vtz2GDsbvFFNyW1C8hQkiXoGYk5Zlsx4aTD0KTrllsJoNyZteqpfW74BPoBVx6ci0KPU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY0T0hYQ0stOC1GVFNL&google_push=AehlK4BiNzmEz5PgYlR8y17VLeFy-l-Vtz2GDsbvFFNyW1C8hQkiXoGYk5Zlsx4aTD0KTrllsJoNyZteqpfW74BPoBVx6ci0KPU
Request Chain 168
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFs5jxicci25UnkIl-i3F3c&google_cver=1&google_push=AehlK4BOPXj2x_btwo0Yv6mtHu1fyly0GXlNH0MHefzazyk6kkZSTrP03Hj76mR-4oT1mDrrX52YR1MzTYlCH3JywvVsmzemZ3ya HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFs5jxicci25UnkIl-i3F3c&google_push=AehlK4BOPXj2x_btwo0Yv6mtHu1fyly0GXlNH0MHefzazyk6kkZSTrP03Hj76mR-4oT1mDrrX52YR1MzTYlCH3JywvVsmzemZ3ya&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFs5jxicci25UnkIl-i3F3c&google_hm=YuIyL6PBNCd3mi8hvznWYgAABJUAAAIB&google_nid=index&google_push=AehlK4BOPXj2x_btwo0Yv6mtHu1fyly0GXlNH0MHefzazyk6kkZSTrP03Hj76mR-4oT1mDrrX52YR1MzTYlCH3JywvVsmzemZ3ya

221 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request JohnDukeofLancaster
dlive.tv/
Redirect Chain
  • http://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
  • https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
522 KB
86 KB
Document
General
Full URL
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy / Express
Resource Hash
8246ab022641fbdc93fe91b13f91fc90f9f4c83f95676cb77fe4cfa817a0fc10
Security Headers
Name Value
X-Frame-Options https://twitter.com/ https://liveclips.tidy.live

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 28 Jul 2022 06:52:28 GMT
etag
W/"828cc-ONKYGgcpnvj0TXWWFn7U26wZtjw"
expires
Fri, 29 Jul 2022 06:52:28 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-id
qxRJKasrRDfyJ-ad0xcuIlNibIFlf2WorRLeV3kKF9jw-Tz6EEA_Sw==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
110
x-frame-options
https://twitter.com/ https://liveclips.tidy.live
x-powered-by
Express

Redirect headers

Connection
keep-alive
Content-Length
183
Content-Type
text/html
Date
Thu, 28 Jul 2022 06:52:28 GMT
Location
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Server
CloudFront
Via
1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
X-Amz-Cf-Id
dZcu7JVRsENE7-oR96IPz4BHXKCi8Rf6Xgc8-tMLhwrRBeXBs92oTA==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Redirect from cloudfront
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.5.0/
37 KB
9 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.5.0/video-js.min.css
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78eb700cb99c31c9c7a897019e4fd564dc1a263142354827347fed4975c5ade1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4171460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8727
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-93ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YGBNstNJ5uGXwq7YHOYir7wMosXaRHFZDNE7B8HucBqHDQdKid8Bq1QcnxZ8tLo1GJtwRicFO9GW8T4AY2PPYgsQ0lcFSWYe9u%2BiuWItF27OFSV%2BpVwk%2BbQPzxYJ3r9xbjGZuZvHKPSIOIJGdgESkn0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
731bb139e9db2397-ZRH
expires
Tue, 18 Jul 2023 06:52:29 GMT
api.js
www.google.com/recaptcha/
916 B
998 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
417ff25a921b685c79438b057440a5090d09557a46e070797aa53b94ce138954
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Thu, 28 Jul 2022 06:52:29 GMT
js
www.googletagmanager.com/gtag/
113 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801119647
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a3b16b240941839f7c00bb8301ca12341542cd31f218fec0dc5adc6aa945ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45331
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Jul 2022 06:52:29 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
373 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127179
x-xss-protection
0
expires
Thu, 28 Jul 2022 06:52:29 GMT
style.f82008c7.css
dlive.tv/css/
727 KB
113 KB
Stylesheet
General
Full URL
https://dlive.tv/css/style.f82008c7.css
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
aa3cc1cd2b0eb2e38ffeaa07affe9695ac3dc223caf306a032f3fb724fe24e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:15:25 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 06:39:48 GMT
server
istio-envoy
age
81424
etag
W/"62e0ddb4-b5c65"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
2
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
3MFtYkJZfyUBScsJbj77GDXwZenT_6CiM4ogL66ZuKwZY-YbeGD_Iw==
expires
Fri, 26 Aug 2022 08:15:25 GMT
logo-darkmode.50133ca0.svg
dlive.tv/img/
8 KB
4 KB
Image
General
Full URL
https://dlive.tv/img/logo-darkmode.50133ca0.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
70260ef094479aac8c41f0d836a2344d51c398ab407e53a2d9ceafcb4c9dbec5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 00:52:47 GMT
content-encoding
gzip
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
1663182
etag
W/"62beadfe-207f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
erhoBsr-V7SKfhRF-wAbSmFC3BmCieeRaYWNjIhXPdf8XrfelwwSfA==
expires
Mon, 08 Aug 2022 00:52:47 GMT
token.f4fb1bec.svg
dlive.tv/img/
1 KB
1 KB
Image
General
Full URL
https://dlive.tv/img/token.f4fb1bec.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2c3dd2af3dd9b9df55ed0306a801ae90aea41b215649ef643fe74d84f6ba4f83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 02:08:49 GMT
content-encoding
gzip
last-modified
Fri, 22 Jul 2022 08:31:35 GMT
server
istio-envoy
age
362620
etag
W/"62da6067-5e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
I7x2m6LqCEdiTIeeOaeu1GsMIYcIP589YRJIaEN6I11TaZAgvumJeg==
expires
Tue, 23 Aug 2022 02:08:49 GMT
contracting-arrow.c2c48bf4.svg
dlive.tv/img/
688 B
1 KB
Image
General
Full URL
https://dlive.tv/img/contracting-arrow.c2c48bf4.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5e5a94de853c1057705bdc6c5073252210879f65fa775a9113282585d09bf0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 06:44:51 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 22 Jul 2022 08:31:35 GMT
server
istio-envoy
age
86858
etag
"62da6067-2b0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
688
x-amz-cf-id
3ZnDfaRllgP4oJOnCjSmjCdiD34TEfJ59o_zDO_-zW3X-isc_TRqBg==
expires
Fri, 26 Aug 2022 06:44:51 GMT
sidebar-recommand.53e5ac43.png
dlive.tv/img/
13 KB
14 KB
Image
General
Full URL
https://dlive.tv/img/sidebar-recommand.53e5ac43.png
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
1ce69af7f5304df3e475e01e5a53625b9e61a128163f9b3490d82c17fa2a1085

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 07:02:16 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 22 Jul 2022 08:31:35 GMT
server
istio-envoy
age
172213
etag
"62da6067-3479"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
13433
x-amz-cf-id
mJFRPwPF6mI1TILzFPiot76co7MC7S-eSvOEArVhtB1PdcaE0V14sQ==
expires
Thu, 25 Aug 2022 07:02:16 GMT
sidebar-cashin-close.2548740b.svg
dlive.tv/img/
4 KB
2 KB
Image
General
Full URL
https://dlive.tv/img/sidebar-cashin-close.2548740b.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
35eae31f1edbc6a8a19d94108b90d41166fd13ac638cdb453be24237b97376ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 06:49:56 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 10:58:11 GMT
server
istio-envoy
age
2332953
etag
W/"62b98d43-e69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
_8NF77-HyDn-79fDE-LmN7DVFwBESNBH8eGHW433tUW1U1IaTLAWZA==
expires
Sun, 31 Jul 2022 06:49:56 GMT
ffac4d6c-75da-11ea-a0f2-e2443572cd01
images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/
2 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/ffac4d6c-75da-11ea-a0f2-e2443572cd01
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
798d7664432368ad28f52c5fa8a5b483c858536b7a287bfaaa482ad65d6ab181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 11:07:57 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
2663072
etag
"6cb4d945eeb1e555d9fe6d7fbf4bf8d8714c76b2"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
x-envoy-upstream-service-time
83
x-amz-cf-pop
FRA2-C1
content-length
1848
x-amz-cf-id
OHUZ2Lpxc4tXLwfMBtLek8o1bM943ig2O4oww_JMKE2QN7JZqtaJSA==
expires
Tue, 28 Jun 2022 11:07:57 GMT
video-placeholder.png
images-sihv2.prd.dlivecdn.com/fit-in/1920x1920/filters:quality(90)/offlineimage/
483 KB
484 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/1920x1920/filters:quality(90)/offlineimage/video-placeholder.png
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
38aa2b64a9382b1b53a17bf0f14d6878978aa7cbc25ffceb17bc34acd0e9fb89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 00:26:39 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
3565550
etag
"efe57e3017d879b01807e9fa1be2c6b9b11679f9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
338
x-amz-cf-pop
FRA2-C1
content-length
494990
x-amz-cf-id
JoZB7dnlEHj6la8Aywivz2M3qW5jTQqasxgT88qRlQ6QThz5Co7eUw==
expires
Sat, 18 Jun 2022 00:26:39 GMT
check-gold-icon.8cf30f76.svg
dlive.tv/img/
1 KB
935 B
Image
General
Full URL
https://dlive.tv/img/check-gold-icon.8cf30f76.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
acce3a3867515e58f283e0c165fb272a6505734056ef48130f241f29e5ecb728

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 05:18:00 GMT
content-encoding
gzip
last-modified
Fri, 22 Jul 2022 08:31:35 GMT
server
istio-envoy
age
92069
etag
W/"62da6067-4b1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
DNKNML4_UQ6aDihDBd1Jw9GinOawbw5adFgSlYtR9Oa8DDhOcp0BLw==
expires
Fri, 26 Aug 2022 05:18:00 GMT
style.51c202a3.js
dlive.tv/js/
116 B
511 B
Script
General
Full URL
https://dlive.tv/js/style.51c202a3.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
278619fba75881d0200291cbd6ce7e726bc65284aaef81edbfb63d89e23068ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 00:52:11 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
2268018
etag
"62beadfe-74"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
116
x-amz-cf-id
z4a3pblL6TPl9YziBMAGcW5OZcoPgRt7vEQupAuIbSRcp78dg7x-jg==
expires
Mon, 01 Aug 2022 00:52:11 GMT
chunk-63e594ea.d6f56307.js
dlive.tv/js/
8 KB
3 KB
Script
General
Full URL
https://dlive.tv/js/chunk-63e594ea.d6f56307.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
37e4adcfbcce42746f62d981bead6c9008fceb24b0f52932dde9dcdec8c691c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:22:41 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805388
etag
W/"62c6a006-216c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
wxVuV-ZEjjg6Gtlx2sEoop2Lv6u9r8-sjfdFOzBjiQSt1lQcMhzyVQ==
expires
Sat, 06 Aug 2022 09:22:41 GMT
login.25ea6b6e.js
dlive.tv/js/
146 KB
26 KB
Script
General
Full URL
https://dlive.tv/js/login.25ea6b6e.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
f7f01741c95888204e2f41823796beb7afd2302f55994fe5cba0904d8fb45878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 10:30:58 GMT
content-encoding
gzip
last-modified
Sat, 09 Jul 2022 09:58:27 GMT
server
istio-envoy
age
1628491
etag
W/"62c95143-2497d"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
2
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
1WQiQKB8pLqmOiAuRD_BuLn-aSTgxctTZ1vgVi7nVjFuuNrlS3iMuA==
expires
Mon, 08 Aug 2022 10:30:58 GMT
chunk-1d73c52a.bc88ad15.js
dlive.tv/js/
49 KB
9 KB
Script
General
Full URL
https://dlive.tv/js/chunk-1d73c52a.bc88ad15.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5b44eac830a5834187b3b105d2e0f7dae8ac7eac94deb09c2e8029f5ee23e0fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 17:37:10 GMT
content-encoding
gzip
last-modified
Sat, 09 Jul 2022 09:58:27 GMT
server
istio-envoy
age
1602919
etag
W/"62c95143-c3f7"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
1
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
HKQ5r8cW2WWKv13feUjJxCS6hq-q6GDGBGB8nh6Zi9UfyyNEVh2I_g==
expires
Mon, 08 Aug 2022 17:37:10 GMT
chunk-e98a8eba.984c79ee.js
dlive.tv/js/
1 MB
252 KB
Script
General
Full URL
https://dlive.tv/js/chunk-e98a8eba.984c79ee.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d904a67086a38df9cdb00b789dde6057e2c963a3cbd50239fba21a72a65099d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:15:25 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 06:39:48 GMT
server
istio-envoy
age
81424
etag
W/"62e0ddb4-122827"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
2
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
H41DoByjje_gZH9XDa0BC7yUpc_1O6oDbv2fhBPusQ-fBaUloR9HQQ==
expires
Fri, 26 Aug 2022 08:15:25 GMT
chunk-fddbe926.9fa82039.js
dlive.tv/js/
2 KB
1 KB
Script
General
Full URL
https://dlive.tv/js/chunk-fddbe926.9fa82039.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
3f24aa5e29a3626c93713d49868aff4d6bf8bfd3926fb97b8da71fe87d3fa4c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:22:57 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805372
etag
W/"62c6a006-922"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
j-9Q8vJvvToqQCJEj7GyZL1jdDn9a2-UL5i-K3la8xSZLB5Jz084Jg==
expires
Sat, 06 Aug 2022 09:22:57 GMT
chunk-cc92d4e4.8461a80c.js
dlive.tv/js/
13 KB
3 KB
Script
General
Full URL
https://dlive.tv/js/chunk-cc92d4e4.8461a80c.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
490076e2016dc0369da94a9b87216802c8066536ffad55eb113ae4939f7a112b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:23:58 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805311
etag
W/"62c6a006-3213"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
XgWD6RQASzr9ZptUo2OG4UCZ47HSgaJprOUzpK527WbDIqR3RqF7Lg==
expires
Sat, 06 Aug 2022 09:23:58 GMT
chunk-2d221db6.024c1ad5.js
dlive.tv/js/
1 KB
1 KB
Script
General
Full URL
https://dlive.tv/js/chunk-2d221db6.024c1ad5.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e1ba0ed886231ec5fe0d736e0c736dfe0a149efff518a3036b3e104cb7b41d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:22:57 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805372
etag
W/"62c6a006-5fa"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
UlDiQc6zmxEA4imJuGXr2b2qso1shMdTwmSCEucfYpvS0hlecM6AHw==
expires
Sat, 06 Aug 2022 09:22:57 GMT
chunk-30893754.6b31269b.js
dlive.tv/js/
84 KB
9 KB
Script
General
Full URL
https://dlive.tv/js/chunk-30893754.6b31269b.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
4d4d53565b487abb8ca0734422d8b7f74f28d3663be3ec6449cf6e782fdd7897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:22:57 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805372
etag
W/"62c6a006-151c4"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
6
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
eAdIrY9qSzFVRhyuC_ME6txs4vTwUpE8YCybwXfREGUkTVbFkzbS5A==
expires
Sat, 06 Aug 2022 09:22:57 GMT
chunk-9b658ea0.055b85e1.js
dlive.tv/js/
7 KB
2 KB
Script
General
Full URL
https://dlive.tv/js/chunk-9b658ea0.055b85e1.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7fea3fd64483d40644ef2475fd06741ad5e37f62ca7b5579867d581f4c73eb29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:23:49 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805320
etag
W/"62c6a006-1c4d"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
HuBbwD7UctjRzlL4osAsnbDGpXt5Gmg7iVsYw9ZBX5dDoFHxEFpWvQ==
expires
Sat, 06 Aug 2022 09:23:49 GMT
chunk-2d21a7b3.8cc5be9c.js
dlive.tv/js/
2 KB
1 KB
Script
General
Full URL
https://dlive.tv/js/chunk-2d21a7b3.8cc5be9c.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
40add70250698c9f609ac64b24eeb766e9f278f6be4fd1e5f37ad8b64f39261d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:22:41 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805388
etag
W/"62c6a006-6fb"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
KVmwqREt8WPCJwFnrAEdaVRR3g02-21arI_W1xx8h8bs1aaqTV1jVg==
expires
Sat, 06 Aug 2022 09:22:41 GMT
chunk-2d0cbaa1.55bb478f.js
dlive.tv/js/
840 B
1 KB
Script
General
Full URL
https://dlive.tv/js/chunk-2d0cbaa1.55bb478f.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c0e4ad2704d0256c52c44773f280b0f8ee4b07bba6cc8a1d471e8cb83ad780f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:22:41 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805388
etag
"62c6a006-348"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
840
x-amz-cf-id
C3PbfEV2kdlDJNxSDwnMZVP6YNZwubQjBYWiWG15eTNa23H9n4xJ1A==
expires
Sat, 06 Aug 2022 09:22:41 GMT
chunk-2d0c1529.0bb07f38.js
dlive.tv/js/
1 KB
985 B
Script
General
Full URL
https://dlive.tv/js/chunk-2d0c1529.0bb07f38.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8a4b834bdca3eaa98f72633d954f121f3984ff8a6144fdc26f91a89589c84c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 01:31:50 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 07:38:23 GMT
server
istio-envoy
age
537639
etag
W/"62cd24ef-416"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
XEuyh8hJmmT8bYZoxO7XxsAsttX8vWp9MtvrNWSUH3E0TxmRO99xEA==
expires
Sun, 21 Aug 2022 01:31:50 GMT
chunk-2d22bf8b.3ce0ac35.js
dlive.tv/js/
869 B
1 KB
Script
General
Full URL
https://dlive.tv/js/chunk-2d22bf8b.3ce0ac35.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2c10f1d18b0ae512dd75695c1154f8e2d4a73c4d4c1954deea33269c2780a34c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:22:57 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805372
etag
"62c6a006-365"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
869
x-amz-cf-id
1WZYyf4SSSLhdjQNQehgbVZ43khsomeQ_XuiUrf4vkTS_cclVBMATQ==
expires
Sat, 06 Aug 2022 09:22:57 GMT
chunk-2d0b23a4.88d9a84e.js
dlive.tv/js/
3 KB
2 KB
Script
General
Full URL
https://dlive.tv/js/chunk-2d0b23a4.88d9a84e.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
a3e68cfd41b06aa8e397840b14b3275466c1af26a833cdb9294f5d09006f7ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:23:58 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805311
etag
W/"62c6a006-b20"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
gNffFh3Kb-MtBbhdvCEE441cuwAwNpicNPVtM0hf3mXu6jcekUfY3A==
expires
Sat, 06 Aug 2022 09:23:58 GMT
chunk-vendors.02ca80b7.js
dlive.tv/js/
5 MB
1 MB
Script
General
Full URL
https://dlive.tv/js/chunk-vendors.02ca80b7.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
59b233b1e5b32aba0a25fa6eff2a3067f65c2f454e2e89d3d37f55f643016d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:15:25 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 06:39:48 GMT
server
istio-envoy
age
81424
etag
W/"62e0ddb4-5120b6"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
2
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
qlTSahoZA2X5sTGOjTQbcljcTax5WV14KwzrpfUDRqMHZcBSxKN_Ew==
expires
Fri, 26 Aug 2022 08:15:25 GMT
main.3d775686.js
dlive.tv/js/
376 KB
82 KB
Script
General
Full URL
https://dlive.tv/js/main.3d775686.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b8d6e469faf39e34a29f5e23ec95130f638228b4eed2ff9712620e1a3178641f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:15:25 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 06:39:48 GMT
server
istio-envoy
age
81424
etag
W/"62e0ddb4-5e17f"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
2
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
CoJzwfEqSAZaexNFXC5mWz60KoR5xOvXrdp1oPFwyDbB3slL2R8qzw==
expires
Fri, 26 Aug 2022 08:15:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/
365 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dlive.tv/
Origin
https://dlive.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147954
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 06:48:30 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2736097a7727ffff60f339d18ac5e433e38b04ead346e23791a8967c5cb120d2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26248
x-xss-protection
0
pragma
public
x-fb-debug
DB9NMID1JKuu78G/Xqv4AU9POo0vPlJUjEPc/zvv8ZZDpDwGXCi8jxNqgjviE2y6K1YrBjlmD9Lx4NYoVzbe5w==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 28 Jul 2022 06:52:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6629
date
Thu, 28 Jul 2022 05:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 28 Jul 2022 07:02:00 GMT
truncated
/
914 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
491b971b83f9f72c1fafd08df729f81b0a898caf76f54dee0657c4726db8bd65

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
288 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ed6cf19eb395079549de43cf0d11116da52efc934c1a2366182b981b747eed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
458f4c0f8d0b4db16fb6d11e922a11b41ff0473eb0e66b2c3a3b8629877578af

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
445 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
365839f78f08d794367c60ade2150ddeb9623745f3d0090f7ab64ef72d507b7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4597cc11e8807aad881e549eb32baa0a51c6a2650083a8efbc492cfb6813e15f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
514 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72fee95d99db544bd23408376039e7bcd6be5a62a07455d803cdea5f09826522

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d0ab7244e1f1880ced8f1c54d49df6b12cf7c35058fe72ff99c0f656e4e7f3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
232 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
734f7f5710e61ee9d7cd7b09bec687cc168451be3a08a96368161425899ac6cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476c08e35ff1a75dec99a69c7968eaaa8dc4bace11c1899246dd23ef280731c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
report-icon.2ef5812e.svg
dlive.tv/img/
457 B
857 B
Image
General
Full URL
https://dlive.tv/img/report-icon.2ef5812e.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2c67958321af4975ab888c0d7a8f877c1dd6ca1d0f62484cc0ebb989857b677f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 08:50:57 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
1980092
etag
"62beadfe-1c9"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
457
x-amz-cf-id
57ghyTUyehxYXOwYC_oky6JV_m0YgYZFkTnHDALci_J3Rl276HnLpA==
expires
Thu, 04 Aug 2022 08:50:57 GMT
post-out-white-icon.94318e33.svg
dlive.tv/img/
882 B
1 KB
Image
General
Full URL
https://dlive.tv/img/post-out-white-icon.94318e33.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
f7b87ca8f1c03690ef1698d9ce66f4e28d7ab0758052a5cee54bedf5bebd6a66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 08:49:24 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
1980185
etag
"62beadfe-372"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
882
x-amz-cf-id
QNr7jVA0GhHo4JNnFJOcMkYv5jS3IiXKKr-8ag2tYWaxwJAGn6bJGg==
expires
Thu, 04 Aug 2022 08:49:24 GMT
conversion_async.js
www.googleadservices.com/pagead/
40 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801119647
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
server
cafe
etag
9823212955285023900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 28 Jul 2022 06:52:29 GMT
322689908341012
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/322689908341012?v=2.9.68&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d2a4f9ccb27f9bc1c23f114550d30849ef6a6c327ee5f24032a739a77d9440e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
gcsTZAPEBNh/LsQIo2lThzC+eOPPsCc4tcaINGFh4YnOX6imktgNd0sqUvXoGAwd2B1eKhjQMA0eU1+Lsfjwhg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 28 Jul 2022 06:52:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658991149895
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=199643736&t=pageview&_s=1&dl=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&ul=en-us&de=UTF-8&dt=JohnDukeofLancaster%20%C2%B7%20DLive&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1201034476&gjid=399828919&cid=536569996.1658991155&tid=UA-126405334-1&_gid=941246965.1658991155&_r=1&_slc=1&z=1796458706
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dlive.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dlive.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-126405334-1&cid=536569996.1658991155&jid=1201034476&gjid=399828919&_gid=941246965.1658991155&_u=IEBAAEAAAAAAAC~&z=1962931529
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dlive.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 28 Jul 2022 06:52:29 GMT
content-type
text/plain
access-control-allow-origin
https://dlive.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
lang-en-json.9db846ac.js
dlive.tv/js/
49 KB
17 KB
Script
General
Full URL
https://dlive.tv/js/lang-en-json.9db846ac.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/main.3d775686.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
217d6a113ce3cfddd32cf7e589abdd2c589671d73dc8a5fa7f52546c9496f2f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 09:00:19 GMT
content-encoding
gzip
last-modified
Fri, 22 Jul 2022 08:31:35 GMT
server
istio-envoy
age
510730
etag
W/"62da6067-c2c3"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
1
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
OpMsGLKq0L7GRaaArurIVfwn6_8EM2gEEpxHP3gAX2nDHfH-nONYew==
expires
Sun, 21 Aug 2022 09:00:19 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-126405334-1&cid=536569996.1658991155&jid=1201034476&_u=IEBAAEAAAAAAAC~&z=1363945828
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-126405334-1&cid=536569996.1658991155&jid=1201034476&_u=IEBAAEAAAAAAAC~&z=1363945828
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:493255913945:web:6dbf56949e99caa3aa69c8/
215 B
187 B
Fetch
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:493255913945:web:6dbf56949e99caa3aa69c8/webConfig
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f14da4331ba3dd43e90430ab6e446cf47e3ba334a3824907707967759b6b9500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://dlive.tv/
x-goog-api-key
AIzaSyDWWhgVwwYcl6ABsTNZWbsbIczN9LDCr3A
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dlive.tv
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
164
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:493255913945:web:6dbf56949e99caa3aa69c8/ Frame
0
0
Preflight
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:493255913945:web:6dbf56949e99caa3aa69c8/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://dlive.tv
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 28 Jul 2022 06:52:29 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801119647/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801119647/?random=1658991155651&cv=9&fst=1658991155651&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&tiba=JohnDukeofLancaster%20%C2%B7%20DLive&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a12e86762df56fee549a38bbcc9f65c71b1184a87bdac7b4117b9292b042724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1078
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chunk-61edc5ae.0b764e3c.js
dlive.tv/js/
19 KB
9 KB
Script
General
Full URL
https://dlive.tv/js/chunk-61edc5ae.0b764e3c.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/main.3d775686.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
bbaf4f31fb42d42b0a48ddc4584280871b0b2125d46113a319f334253c72069f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:39:58 GMT
content-encoding
gzip
last-modified
Fri, 22 Jul 2022 08:31:35 GMT
server
istio-envoy
age
353551
etag
W/"62da6067-4a6d"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
c_uXJ_DgYviPBCeh3Ib1l6QAwFW7oAJHkYsmslUArIQM4479gxszxw==
expires
Tue, 23 Aug 2022 04:39:58 GMT
chunk-026b6f3c.a192aeee.js
dlive.tv/js/
22 KB
3 KB
Script
General
Full URL
https://dlive.tv/js/chunk-026b6f3c.a192aeee.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/main.3d775686.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b09b8621d60eb4eb4d4abdccdd6ebb1b96ba416d82dadc0d10b1a2f338ebd2d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:22:55 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805374
etag
W/"62c6a006-5956"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
pZCtVOMKzAj_erqzC0wSwqi35-c9CS_kto3Nm20SiXVCtnsHnjnoBA==
expires
Sat, 06 Aug 2022 09:22:55 GMT
chunk-39317060.bf42d991.js
dlive.tv/js/
27 KB
7 KB
Script
General
Full URL
https://dlive.tv/js/chunk-39317060.bf42d991.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/main.3d775686.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
202e6721e0b5a8c7d29d455a76b42d1268b349779b201b10138a99285efbe5cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:22:55 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805374
etag
W/"62c6a006-6b2a"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
c1Tdj0ra37d82_cBRr-L9-36xJQaWmJes_8lHz3bONe8C0QuHMYLAw==
expires
Sat, 06 Aug 2022 09:22:55 GMT
installations
firebaseinstallations.googleapis.com/v1/projects/dlive-web/ Frame
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/dlive-web/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://dlive.tv
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 28 Jul 2022 06:52:29 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/dlive-web/
624 B
511 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/dlive-web/installations
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a1d9096d52a7b0df66eed04d6ee4ca39229bad41da981f127ed20d99be04f51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://dlive.tv/
x-goog-api-key
AIzaSyDWWhgVwwYcl6ABsTNZWbsbIczN9LDCr3A
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjcuMjQgZmlyZS1jb3JlLWVzbTIwMTcvMC43LjI0IGZpcmUtanMvIGZpcmUtaWlkLzAuNS45IGZpcmUtaWlkLWVzbTIwMTcvMC41LjkgZmlyZS1hbmFseXRpY3MvMC43LjkgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjcuOSBmaXJlLWpzLWFsbC1hcHAvOS44LjEiLCJkYXRlcyI6WyIyMDIyLTA3LTI4Il19XX0
content-type
application/json

Response headers

date
Thu, 28 Jul 2022 06:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dlive.tv
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
488
x-xss-protection
0
v3
js.stripe.com/
314 KB
77 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-e98a8eba.984c79ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-65.fra2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
df8d4dce3a125f0aae35e7ed52f08be4fe3b2147b920a10cc8ca0afe369b2b25
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
3
x-cache
Hit from cloudfront
date
Thu, 28 Jul 2022 06:52:30 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 21:32:56 GMT
server
Cloudfront
etag
W/"eb874383b6a03073f526bcb979b36db8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
edKOOqDpqdoll3EggdPimkzsk2kLGDsWfhW55GtSSzup9j7TEO6ALg==
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=199643736&t=pageview&_s=2&dl=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&dp=%2FJohnDukeofLancaster&ul=en-us&de=UTF-8&dt=JohnDukeofLancaster%20%C2%B7%20DLive&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=536569996.1658991155&tid=UA-126405334-1&_gid=941246965.1658991155&z=1657923820
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 21:43:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32932
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fp.f9075a70.js
dlive.tv/js/
29 KB
11 KB
Script
General
Full URL
https://dlive.tv/js/fp.f9075a70.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/main.3d775686.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
68df0baa3cb0c1b2487547e3eb39dcd39741debb1b764fbe87e61dff868d6b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 01:39:30 GMT
content-encoding
gzip
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
2092380
etag
W/"62beadfe-7544"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
1
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
zqNqOj44AgLmZpb6ROD4TeRUIjaJUylSsKFySifbjrPCcaCpApmDmg==
expires
Wed, 03 Aug 2022 01:39:30 GMT
chunk-2d0d6ae8.42a22553.js
dlive.tv/js/
26 KB
5 KB
Script
General
Full URL
https://dlive.tv/js/chunk-2d0d6ae8.42a22553.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/main.3d775686.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6ab87d403383f4952057e5d962231bd1c9690bd65a07e1099121d8fb21f43e31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:43:18 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 10:58:11 GMT
server
istio-envoy
age
2491752
etag
W/"62b98d43-66a0"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ZiCTMut91TCj6L84nhK_1Tb0TNCHYBk9xlsVR9HAf91WrogdqX0JYQ==
expires
Fri, 29 Jul 2022 10:43:18 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=199643736&t=event&_s=3&dl=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&dp=%2FJohnDukeofLancaster&ul=en-us&de=UTF-8&dt=JohnDukeofLancaster%20%C2%B7%20DLive&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ea=active&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=536569996.1658991155&tid=UA-126405334-1&_gid=941246965.1658991155&z=936167484
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 21:43:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32932
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
chunk-45ea24d1.1484a41a.js
dlive.tv/js/
25 KB
7 KB
Script
General
Full URL
https://dlive.tv/js/chunk-45ea24d1.1484a41a.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/main.3d775686.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
682bb04c67cdff407e66ab8aa0b14030e2bc584ea89d1244b259d674dbce1a0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:23:40 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805330
etag
W/"62c6a006-63af"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
RfTi88R4ZerDWl_8Jy20hmIYYEcYKcWAn-IjIk5S8VAgItQv-2eaqg==
expires
Sat, 06 Aug 2022 09:23:40 GMT
chunk-2de5259e.748a0b1f.js
dlive.tv/js/
31 KB
8 KB
Script
General
Full URL
https://dlive.tv/js/chunk-2de5259e.748a0b1f.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/main.3d775686.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
03909521c309a2ed7e0ced7b22947775210e808cc70d316990d62523af9d3b88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 09:22:58 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:57:42 GMT
server
istio-envoy
age
1805372
etag
W/"62c6a006-7dff"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ob3yi49EPV3z0mpECYi3K3fvJKrLbm7JqLH12vtIompfZrFoMMITgA==
expires
Sat, 06 Aug 2022 09:22:58 GMT
chunk-bb4441a8.36e932c3.js
dlive.tv/js/
15 KB
5 KB
Script
General
Full URL
https://dlive.tv/js/chunk-bb4441a8.36e932c3.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/main.3d775686.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
813866e86ad75fa92bd7cb5414adbf17a757c257ccb1c0ba8f643515f6949acc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 01:39:30 GMT
content-encoding
gzip
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
2092380
etag
W/"62beadfe-3df3"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
1
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
eOCwxXlzr3eAeGtnJWx3en8sLTV9fYb_Oii_VXkayx8T-YCVqQiMhg==
expires
Wed, 03 Aug 2022 01:39:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
166 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-1d73c52a.bc88ad15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b000024822b9ff03155ccf7ce22a40ecb3e398047bf8d8e54e3d3690b0e0765b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56661
x-xss-protection
0
server
cafe
etag
7692058227804074590
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 28 Jul 2022 06:52:30 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=199643736&t=event&_s=4&dl=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&dp=%2FJohnDukeofLancaster&ul=en-us&de=UTF-8&dt=JohnDukeofLancaster%20%C2%B7%20DLive&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=channel&ea=click_referral_link&el=JohnDukeofLancaster&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=536569996.1658991155&tid=UA-126405334-1&_gid=941246965.1658991155&z=1609408300
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 21:43:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32932
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
get-app.916ab506.svg
dlive.tv/img/
282 B
682 B
Image
General
Full URL
https://dlive.tv/img/get-app.916ab506.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
81406883bcfa608ee01ab1e6732dc7be7ddc18033d5f74c6b368d3c3a395a9ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 10:50:09 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 07:38:23 GMT
server
istio-envoy
age
1195341
etag
"62cd24ef-11a"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
282
x-amz-cf-id
SiuVJ_UXSBjT8gujYDakhKHntaw6v-lEz42iTHLQxalmqvU0XH2W4Q==
expires
Sat, 13 Aug 2022 10:50:09 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801119647/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801119647/?random=1658991156058&cv=9&fst=1658991156058&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7p0&sendb=1&ig=1&data=event%3Dtv_watch_page&frm=0&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&tiba=JohnDukeofLancaster%20%C2%B7%20DLive&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d365ac36564f5abd416a5900180391600d2246c054bffae0aee9d99292fbced4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1078
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/801119647/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/801119647/?random=1658991155651&cv=9&fst=1658988000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&tiba=JohnDukeofLancaster%20%C2%B7%20DLive&async=1&fmt=3&is_vtc=1&random=1723353433&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/801119647/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/801119647/?random=1658991155651&cv=9&fst=1658988000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&tiba=JohnDukeofLancaster%20%C2%B7%20DLive&async=1&fmt=3&is_vtc=1&random=1723353433&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 0161
0
0

anchor
www.google.com/recaptcha/api2/ Frame E35A
0
0

anchor
www.google.com/recaptcha/api2/ Frame E1D5
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xxita58r164g
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
87326fddbe83e2e2257825f2a59160fbbd79387937443635222a2bbedef5d415
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OGXrPjh4QJBmnL_BH3OZPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dlive.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22643
content-security-policy
script-src 'report-sample' 'nonce-OGXrPjh4QJBmnL_BH3OZPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 06:52:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 4461
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=ljv6mtholdp1
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a361cd9d61774df4e730ec0ca7669d201f3bd926adb47ac97fd22ab32c935de6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D5o8HQsHDsWwi50Gjuae7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dlive.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22774
content-security-policy
script-src 'report-sample' 'nonce-D5o8HQsHDsWwi50Gjuae7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 06:52:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
search-icon.b3d47336.svg
dlive.tv/img/
654 B
1 KB
Image
General
Full URL
https://dlive.tv/img/search-icon.b3d47336.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
aff5044598fc9b35c279d3faebe0bc11bac63cce1d4f7430ea29799a590fb67a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:11:58 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
1921232
etag
"62beadfe-28e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
654
x-amz-cf-id
ad_AvK_Nq5ZD6hR0eQBQeTPuBZWQ9eH_CjXCBwDfFLU5HWy0aoAgpw==
expires
Fri, 05 Aug 2022 01:11:58 GMT
more.bc42c0af.svg
dlive.tv/img/
723 B
1 KB
Image
General
Full URL
https://dlive.tv/img/more.bc42c0af.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d1f48c60b686a7496585c4188d6d8daff56b5f8589393a567a9356bef23155e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 04:28:47 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jul 2022 07:38:23 GMT
server
istio-envoy
age
613423
etag
"62cd24ef-2d3"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
723
x-amz-cf-id
SzMpckDZSEiWy8PkVG7cLbtoAneaIoPv6riS5l8-lNZm-XPqVC7dvw==
expires
Sat, 20 Aug 2022 04:28:47 GMT
fb-login-icon.81b66b3b.svg
dlive.tv/img/
819 B
1 KB
Image
General
Full URL
https://dlive.tv/img/fb-login-icon.81b66b3b.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
80120183da3d98e2d1743b762768c95f0ef331b0eafa260b2dac5f17a1e80a8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 16:26:26 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
2125564
etag
"62beadfe-333"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
819
x-amz-cf-id
n5_HHwiNk2QytVBwPOVyd1u0DgdOA-tJl2RPd12NDiqzKVr9raYdVw==
expires
Tue, 02 Aug 2022 16:26:26 GMT
twitch-login-icon.e16cdd3a.svg
dlive.tv/img/
941 B
1 KB
Image
General
Full URL
https://dlive.tv/img/twitch-login-icon.e16cdd3a.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
984dfdc51aca8f0f28efe79b3a445c8d810fa09494b9b5b1adf7b3ace9ecd78b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 07:01:32 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
1641058
etag
"62beadfe-3ad"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
941
x-amz-cf-id
mDzk1CYIUh7nUOnbZX_xcu3O3CbuEpFvHXqDSs59Q7eHXjAOFdy5eQ==
expires
Mon, 08 Aug 2022 07:01:32 GMT
yt-login-icon.33e7e480.svg
dlive.tv/img/
1 KB
1 KB
Image
General
Full URL
https://dlive.tv/img/yt-login-icon.33e7e480.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
3c87c809e60f7bf196887bfbc7c644df6ac4ea6ab8c2157121024c220feec807

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 07:01:32 GMT
content-encoding
gzip
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
1641058
etag
W/"62beadfe-4da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
WOWLiPYZPdydd12A81VWYvngyOfopliAdAyuNt-PFNTIQYROyL665A==
expires
Mon, 08 Aug 2022 07:01:32 GMT
loudspeaker.22b02d4f.png
dlive.tv/img/
12 KB
13 KB
Image
General
Full URL
https://dlive.tv/img/loudspeaker.22b02d4f.png
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
965594e7a0ad13cc9f91f30fe0f4803f4a4420c2b212cecc769616f7106c50ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 02:54:45 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 08:19:09 GMT
server
istio-envoy
age
2174265
etag
"62beadfd-3158"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
12632
x-amz-cf-id
TCyJyAWbcIDET0LbTmmrTiYjG02mGxJ1s1BqM5MnJZnNjQ0adI0MvQ==
expires
Tue, 02 Aug 2022 02:54:45 GMT
welcome.edd76a9e.svg
dlive.tv/img/
432 KB
328 KB
Image
General
Full URL
https://dlive.tv/img/welcome.edd76a9e.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
43d3e2450f905c2218345fd8633cf4095ad4df8f144b36a24c29ad1c31d575a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 06:35:21 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 07:38:23 GMT
server
istio-envoy
age
605829
etag
W/"62cd24ef-6bf49"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
6R3veCGEdvN1tcHSWuzZay6SBGJtAtZnYXV8MEObT-ah1oK2QD7UFg==
expires
Sat, 20 Aug 2022 06:35:21 GMT
dlive-icon.5c94c4d7.svg
dlive.tv/img/
2 KB
1 KB
Image
General
Full URL
https://dlive.tv/img/dlive-icon.5c94c4d7.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
bfa3757b0b12ce7467cab7ac1006cb331839b07ac6148dbaafaa8ab36181736a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 04:43:07 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 10:58:11 GMT
server
istio-envoy
age
2340562
etag
W/"62b98d43-731"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
HHHKi2lTkzWe4ik-gzDRZAfFzdNLq2uEKKf_ZgRIuvMMrMRbJ0U7kw==
expires
Sun, 31 Jul 2022 04:43:07 GMT
fanbase-dialog-close.3c6dc41d.svg
dlive.tv/img/
633 B
1 KB
Image
General
Full URL
https://dlive.tv/img/fanbase-dialog-close.3c6dc41d.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
f6877f65f9fc453c8cf04a967c2d1c17fd84cb17bca2ea28c98005129348b81c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 10:39:57 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
2232753
etag
"62beadfe-279"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
633
x-amz-cf-id
krqOzr_QijtHdL9_XOfb2fkW5rqQ8knlSK1xZunGeAfwte0DxNzAJw==
expires
Mon, 01 Aug 2022 10:39:57 GMT
/
www.facebook.com/tr/
44 B
410 B
Image
General
Full URL
https://www.facebook.com/tr/?id=322689908341012&ev=PageView&dl=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&rl=&if=false&ts=1658991156216&sw=1600&sh=1200&v=2.9.68&r=stable&ec=0&o=30&fbp=fb.1.1658991156214.71760207&it=1658991155087&coo=false&rqm=GET
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 28 Jul 2022 06:52:30 GMT
/
www.google.com/pagead/1p-user-list/801119647/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/801119647/?random=1658991156058&cv=9&fst=1658988000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7p0&sendb=1&data=event%3Dtv_watch_page&frm=0&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&tiba=JohnDukeofLancaster%20%C2%B7%20DLive&async=1&fmt=3&is_vtc=1&random=103046049&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/801119647/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/801119647/?random=1658991156058&cv=9&fst=1658988000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7p0&sendb=1&data=event%3Dtv_watch_page&frm=0&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&tiba=JohnDukeofLancaster%20%C2%B7%20DLive&async=1&fmt=3&is_vtc=1&random=103046049&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207200101/
341 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3180252887358576&plah=dlive.tv
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ad19cb478e2a59667da1edac49673323c6d72f9ba4e05f0a85077aa8f81531b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123164
x-xss-protection
0
server
cafe
etag
9720841102564527672
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 28 Jul 2022 06:52:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220726/r20190131/ Frame CDC5
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220726/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dlive.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5750
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 05:16:40 GMT
etag
8616628553774171045
expires
Thu, 11 Aug 2022 05:16:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 4461
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=ljv6mtholdp1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 06:48:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 4461
365 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=ljv6mtholdp1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147954
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 06:48:30 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame E1D5
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xxita58r164g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 06:48:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame E1D5
365 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xxita58r164g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147954
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 06:48:30 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E1D5
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 18:59:48 GMT
x-content-type-options
nosniff
age
129162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 02 Aug 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E1D5
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xxita58r164g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 11:18:05 GMT
x-content-type-options
nosniff
age
156865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Jul 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E1D5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xxita58r164g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 18:59:48 GMT
x-content-type-options
nosniff
age
129162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Jul 2023 18:59:48 GMT
cookie.js
partner.googleadservices.com/gampad/
212 B
640 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dlive.tv&callback=_gfp_s_&client=ca-pub-3180252887358576
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3180252887358576&plah=dlive.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bae33bfd98d7c0667c2940e469cf2f4630323b12e3b1709c11893f5753ea6dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dlive.tv
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3180252887358576&plah=dlive.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 06:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dlive.tv
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3180252887358576&plah=dlive.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 06:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 34D5
26 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3180252887358576&plah=dlive.tv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87282a0cd434aa5e9bc6fed44cf0c425d22033fa6de15415b5bca9c30c273a72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dlive.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11680
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 06:52:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
graphigo.prd.dlive.tv/
27 KB
27 KB
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
51c67cffce9721211b7791e56da33552e97e79403e0bdab0790d50f89fe25e51

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

access-control-allow-origin
https://dlive.tv
date
Thu, 28 Jul 2022 06:52:31 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
vary
Origin
server
istio-envoy
content-type
application/json
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:31 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
webworker.js
www.google.com/recaptcha/api2/ Frame 4461
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=ljv6mtholdp1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
613e7703528887ec639fbe5165b22ce6f72768a423ecd698f05e3ece6ce90ff4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=ljv6mtholdp1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 28 Jul 2022 06:52:30 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E1D5
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xxita58r164g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
613e7703528887ec639fbe5165b22ce6f72768a423ecd698f05e3ece6ce90ff4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xxita58r164g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 28 Jul 2022 06:52:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&tn=DIV&cls=v-overlay%20v-overlay--active&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&tn=DIV&cls=v-overlay%20v-overlay--active&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 23BF
837 B
386 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&adk=1812271804&adf=3025194257&lmt=1658991156&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156344&bpp=2&bdt=1504&idt=407&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&prev_fmts=128x256&nras=1&correlator=2280627204853&frm=20&pv=1&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=414
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3180252887358576&plah=dlive.tv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eaff9867c0a50f7650f9756485a60565818b652fe116d75daae86b415a4011cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dlive.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
366
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 06:52:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=322689908341012&ev=Microdata&dl=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&rl=&if=false&ts=1658991156791&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22JohnDukeofLancaster%20%C2%B7%20DLive%22%2C%22meta%3Adescription%22%3A%222.14K%20Followers%20-%20Watch%20JohnDukeofLancaster%20stream%20live%20on%20DLive.tv!%20Join%20DLive%2C%20a%20rewarding%20live%20streaming%20community%20on%20blockchain.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22JohnDukeofLancaster%20%C2%B7%20DLive%22%2C%22og%3Asite_name%22%3A%22DLive%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimages.prd.dlivecdn.com%2Favatar%2Fffac4d6c-75da-11ea-a0f2-e2443572cd01%22%2C%22og%3Aimage%3Awidth%22%3A%22128%22%2C%22og%3Aimage%3Aheight%22%3A%22128%22%2C%22og%3Adescription%22%3A%222.14K%20Followers%20-%20Watch%20JohnDukeofLancaster%20stream%20live%20on%20DLive.tv!%20Join%20DLive%2C%20a%20rewarding%20live%20streaming%20community%20on%20blockchain.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40graph%22%3A%7B%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2FOfficialDLive%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fdliveyt%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fdlive.tv%22%2C%22https%3A%2F%2Ftwitter.com%2Fofficialdlive%22%5D%2C%22%40type%22%3A%22Organization%22%2C%22%40id%22%3A%22https%3A%2F%2Fdlive.tv%22%2C%22name%22%3A%22DLive%22%2C%22url%22%3A%22https%3A%2F%2Fdlive.tv%22%7D%7D%5D%5D&sw=1600&sh=1200&v=2.9.68&r=stable&ec=1&o=30&fbp=fb.1.1658991156214.71760207&it=1658991155087&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 28 Jul 2022 06:52:31 GMT
bframe
www.google.com/recaptcha/api2/ Frame 17A5
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d7cef1aa5757ca08b140bc78f0cb52f57d00f50e4c9b673e155a7937b432325f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6wYY9kY7kgIMrl48UDlsig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dlive.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1114
content-security-policy
script-src 'report-sample' 'nonce-6wYY9kY7kgIMrl48UDlsig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 06:52:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame C1AE
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d2d400314f9f432b5ef84f572a0e757355775fa4f7c9ef5b4485282c04dc825a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nWRMUtnF7mEwTDYL8C9x8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dlive.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1114
content-security-policy
script-src 'report-sample' 'nonce-nWRMUtnF7mEwTDYL8C9x8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 06:52:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 34D5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 06:31:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 34D5
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3079
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7476
x-xss-protection
0
server
cafe
etag
17790590548613106194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 06:01:12 GMT
l
www.google.com/ads/measurement/ Frame 34D5
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbV_fVnZDPVT6mGqgVSjjXDunyT3Ci3beFlR-Uc_ZZejkNYoxhOZgUQLG1xRe69FMPWVxwXGY5X4IeXRbk9M3jskck9g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 34D5
138 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43394
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658749242091060"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 06:52:31 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 34D5
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4ypZLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBP0BT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJwwTVvI99iat9TABgejUxURlES1VTF6jW-72HMoBHKwEvYX0XXhYoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMTgwMjUyODg3MzU4NTc2GAA&sigh=OJgjxJt9620&uach_m=[UACH]&cid=CAQSKQCNIrLMaIe-uTqgGJUZAt7tK_jA8KKm6BErwTh21CXUTGgvwUOEyOhNGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 28 Jul 2022 06:52:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 34D5
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kub8EMz6RIABgAKdg2ICAgAAAOk2WzdJnds7c5dZRhAuMuJikynJMu2lNPCXnhUAEgAA&wp=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:30 GMT
server
Kestrel
server-processing-duration-in-ticks
178706
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame DDD6
160 KB
52 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9b7f1a9cefd53b91c9855c8bf3e0246197d9938c3fb9c605b9d436aec8860433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 06:52:30 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=i48gl9YgHm1q9XK-uPocXaKN2gGGXFXHnsEZyP8GEicz2eABzh027ULZXuFsG1M7njLK98cJW7aMA4CWfGywIOG4rzxJPbjcWPP1zbuOGrxTKF3x9-fKdIfc0W-6oSjIPoWlnX52nwXF6wenRM-bNXB5fUb8gVo1ha0b3hSNaE0UG5a3NPtaoTQZjzIxKMIuSs5JZAhYVaIL_H9zrZFZ17r9fKD1zCd7jUT3VEjkQebyOwDs6-dengSUGQB9QYA3gp1_4Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
101372902
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EF29
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 13:34:31 GMT
etag
48472445140208031
expires
Thu, 28 Jul 2022 13:34:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 17A5
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 06:48:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 17A5
365 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147954
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 06:48:30 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame C1AE
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 06:48:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame C1AE
365 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147954
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 06:48:30 GMT
change-menu-icon.90da8881.svg
dlive.tv/img/
417 B
818 B
Image
General
Full URL
https://dlive.tv/img/change-menu-icon.90da8881.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
62dd546fc7355675c0f9795d5dd00ecf1ca7c01fd154009be7674a1be646159e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 04:56:07 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
2253384
etag
"62beadfe-1a1"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
417
x-amz-cf-id
XmJuI1KZKH_MLW8O74e7l_8LSxEUyDTOGRJlPDtu-bqrtXCA8AakeQ==
expires
Mon, 01 Aug 2022 04:56:07 GMT
crown-gold-icon.b05e3a73.svg
dlive.tv/img/
2 KB
1 KB
Image
General
Full URL
https://dlive.tv/img/crown-gold-icon.b05e3a73.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
98df8a99289644025e27c571cfe215aa321319dc6dec429577f6ce6a75046645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 10:30:12 GMT
content-encoding
gzip
last-modified
Fri, 22 Jul 2022 08:31:35 GMT
server
istio-envoy
age
159739
etag
W/"62da6067-886"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
jlzlOCz-Gb-Wiv4TGaZ93s-ZNapcHJRn82aB163GeJXoKg2UUdsrDQ==
expires
Thu, 25 Aug 2022 10:30:12 GMT
defaultAvatar0.6022063c.png
dlive.tv/img/
14 KB
14 KB
Image
General
Full URL
https://dlive.tv/img/defaultAvatar0.6022063c.png
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
505a404677249615ccbb9ae231e01cb53065ccc0831c062898c3332ffae8ad48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:25:46 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jun 2022 10:58:11 GMT
server
istio-envoy
age
2496405
etag
"62b98d43-360c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
13836
x-amz-cf-id
7RPiOD3CCwyA21FGDtnxJpjOc-gjVVEN-381dNF3IHqZxiES5iyeCg==
expires
Fri, 29 Jul 2022 09:25:46 GMT
default4.png
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
1 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/default4.png
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
4f8575879a3acc0eb2133535d31e2042d91b760cfa660c1d91fc1d5c4140ce27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 10:22:31 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
2147400
etag
"66f7089659d7b31e197db37af83f5a02cb4c1249"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
59
x-amz-cf-pop
FRA2-C1
content-length
1478
x-amz-cf-id
cSJqlkXd-TusKRoboEQ0naPYO7x_oNu2CsZpl8pHQhrM1iuubQnC1w==
expires
Mon, 04 Jul 2022 10:22:31 GMT
1f98ee2c-72e6-11ec-9d17-72dc28a4c730
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
2 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/1f98ee2c-72e6-11ec-9d17-72dc28a4c730
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
dcc29607c926fd6ef68c74c120990f9366d140b379c263201963dff2b363cd0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 17:28:29 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
2208242
etag
"7cbacb4f34017116d62ca7b4fdf365ecf8325ee7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
23
x-amz-cf-pop
FRA2-C1
content-length
1740
x-amz-cf-id
tNvLGV9hxpj1ZQAPlmQx2FhKqFLIh-ST37W-vw4fIDDlAqr_rPnHQw==
expires
Sun, 03 Jul 2022 17:28:29 GMT
moderator-icon.ad4d0ed2.svg
dlive.tv/img/
3 KB
1 KB
Image
General
Full URL
https://dlive.tv/img/moderator-icon.ad4d0ed2.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
73a2bd6033c03ae2c73803cd86040666cb5ebdcfc5b295c997301d4bcb812d45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 00:59:16 GMT
content-encoding
gzip
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
1662795
etag
W/"62beadfe-ad6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
qQElAnmfTyDhUEurNvegFh-nuQ21A4kKcpONpJZIE69gE00VkWN3Pg==
expires
Mon, 08 Aug 2022 00:59:16 GMT
49aa50e2f00984a_500360
images.prd.dlivecdn.com/emote/
154 KB
154 KB
Image
General
Full URL
https://images.prd.dlivecdn.com/emote/49aa50e2f00984a_500360
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a3ec55e837800d0d161244326feebfc8e64e5d40af3fd253a37bf9595ecd474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:32 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Sun, 06 Dec 2020 16:49:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"f3d203c1a760139bd368f1c09a214cc7"
x-cache
RefreshHit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
157375
x-amz-cf-id
blgLYYZw4QZTPMiVfXaF99zz4aCbu4tV4Hcx5Qgp_kZKOlo8WISrFg==
ffac4d6c-75da-11ea-a0f2-e2443572cd01
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
987 B
1 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/ffac4d6c-75da-11ea-a0f2-e2443572cd01
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c8d7725fb10ed8713d4151041984f1916eec80edc8ae9287561c75bb6ee72231

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 01:28:39 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
969832
etag
"07d8dbdf600f226a01ddd8733045889742cffb33"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
x-envoy-upstream-service-time
14
x-amz-cf-pop
FRA2-C1
content-length
987
x-amz-cf-id
TLIxpdaUvzXT6AMHmUYXCGY3WKJPQuq72n9lEQbx_6_iUax_gCYYow==
expires
Mon, 18 Jul 2022 01:28:39 GMT
streamer-icon.6a664131.svg
dlive.tv/img/
2 KB
1 KB
Image
General
Full URL
https://dlive.tv/img/streamer-icon.6a664131.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8507c101497074eec0941fda0097850c4bf4b7fbce5d58364170285dc3a56923

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 08:36:20 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 07:38:23 GMT
server
istio-envoy
age
1116971
etag
W/"62cd24ef-83b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
gXOiAhPssA3PpDZZC4kz_1akQueR7tEqN4HvFI7piCkt6_jSrWQttw==
expires
Sun, 14 Aug 2022 08:36:20 GMT
valentineDay-badge.58305050.svg
dlive.tv/img/
18 KB
6 KB
Image
General
Full URL
https://dlive.tv/img/valentineDay-badge.58305050.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c10e4a00b58f25f24c8baa456c2ed0b9a4e78737673c5e712c7a65304631b259

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 12:30:35 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 07:38:23 GMT
server
istio-envoy
age
1102916
etag
W/"62cd24ef-484c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
BJxuuf9-p9Afinbe-YvpDi0zb_OMyWYWOIDcZB1AITD-6EDmNKJGRw==
expires
Sun, 14 Aug 2022 12:30:35 GMT
christmas-badge.324eea8a.svg
dlive.tv/img/
5 KB
2 KB
Image
General
Full URL
https://dlive.tv/img/christmas-badge.324eea8a.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
27f20787cb7785cbc1e1dd2ec277b354de99294cf7988a79c4684cdabaf4ab89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 13:51:24 GMT
content-encoding
gzip
last-modified
Sat, 09 Jul 2022 09:58:27 GMT
server
istio-envoy
age
1530067
etag
W/"62c95143-15f7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
hKbFHhIHZpKtXyCVWQHsH2d6bWjAVv8rxU6VNvuNWmCRBl9biJvwgw==
expires
Tue, 09 Aug 2022 13:51:24 GMT
ae1fe9a5-2d90-11ec-b61b-2a6b96e155b9
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
2 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/ae1fe9a5-2d90-11ec-b61b-2a6b96e155b9
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
1defa6af79c0d214fdbe9efe83691891afbfc2ef2553a83f9658285238a3a45d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 13:50:02 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
1270949
etag
"6d29a7926bc7e2a012e59fb1766e405ff2912861"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
127
x-amz-cf-pop
FRA2-C1
content-length
1686
x-amz-cf-id
Gg9_NWPaQ6DKaXJ7Kvj9fsgEyVYPlgBz0VhOVBXAa9qI7OAmrDaxqg==
expires
Thu, 14 Jul 2022 13:50:02 GMT
santa-claus-badge.e2dbfc2a.svg
dlive.tv/img/
15 KB
6 KB
Image
General
Full URL
https://dlive.tv/img/santa-claus-badge.e2dbfc2a.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
796790011787f11d22433f6df05b65f731db83b99adc17abc78a53439777cbb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 17:03:04 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 07:38:23 GMT
server
istio-envoy
age
827367
etag
W/"62cd24ef-3d3c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
hnmd9bqrSRf9YPiFUleZIgKEWuAGQm3f3FB5wW7PYrg23MLwgJEycw==
expires
Wed, 17 Aug 2022 17:03:04 GMT
c30e12c3-038d-11ed-b56a-122eaad9f5c5
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
2 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/c30e12c3-038d-11ed-b56a-122eaad9f5c5
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
70919733331eaa791af6cf21f105f1813986921e256ad2b27e305fafaa38f9f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 16:49:38 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
1173773
etag
"f51c23a47d0e8676da8ee673e5ba2832eb027929"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
25
x-amz-cf-pop
FRA2-C1
content-length
1936
x-amz-cf-id
kDVknWV_R5c12tL-dqTKZz7eGrkHeLtZKrGhUkktM8U9tTL_36S1tA==
expires
Fri, 15 Jul 2022 16:49:38 GMT
REMOVE_DO_NOT_DELETE
images.prd.dlivecdn.com/effect/
3 KB
4 KB
Image
General
Full URL
https://images.prd.dlivecdn.com/effect/REMOVE_DO_NOT_DELETE
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9355d77f0bc5c3b82c87e7cf3b1aebffecb38a1bf4aad602b18730924e59f1c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 07:02:13 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Thu, 25 Nov 2021 11:13:26 GMT
server
AmazonS3
age
85819
etag
"debfc94c4a24e0203b400dd9380ae8a1"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
3332
x-amz-cf-id
2XJC0gBZUWdyoA_ptJziMSk67VuuMNd7_jTwCG8Ic_FcxCG8Fey8BQ==
default7.png
image.dlivecdn.com/avatar/
8 KB
8 KB
Image
General
Full URL
https://image.dlivecdn.com/avatar/default7.png
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
270e4e2979b35caab131d3cf34184e998daec34e9e9eabb1944bb802ad7fe199

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified
Thu, 29 Nov 2018 02:47:57 GMT
server
AmazonS3
age
11773
etag
"716d4c06045c9269720af206223465d6"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
7912
x-amz-cf-id
jI7L8B4ozanpXZQ74IsQig739ZLcEKIrftg2QbXDpE_YtxbPrZFE1Q==
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:31 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
DLiveThumbup
images.prd.dlivecdn.com/emoji/
9 KB
9 KB
Image
General
Full URL
https://images.prd.dlivecdn.com/emoji/DLiveThumbup
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a3c2c834455b520a9428873c3094f316d977cf34c851bb646997cdf5291c855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:07:26 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Tue, 25 Aug 2020 08:12:37 GMT
server
AmazonS3
age
81905
etag
"8e0af3605cdbaac0276c04348095744a"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
8726
x-amz-cf-id
Mmt9fc9x3aoA_Dp3587tcYi8h1hx-wBlUGXqNL7UX39384FWmOIIjA==
default9.png
image.dlivecdn.com/avatar/
9 KB
9 KB
Image
General
Full URL
https://image.dlivecdn.com/avatar/default9.png
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5687f6efa5ec7a7260d86a3759ddb7637221022e0dbe8bdfe62b09fbf2eb83f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:21:37 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified
Thu, 29 Nov 2018 02:48:00 GMT
server
AmazonS3
age
2246
etag
"d03bcb8e12006d7c57ed8fc90b7dda5d"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
9250
x-amz-cf-id
w1sxVZp9JtlfIS8zGbx5qFliK1pro0f6DGskh-nvjHTWJ4iqc_Kz8g==
24c44415-c0a5-11ec-ac9a-96dc419bcc1b
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
1 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/24c44415-c0a5-11ec-ac9a-96dc419bcc1b
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8f07e91bcdb7d78af76dfd2a22f7e0069319dd639acffcf6c81e64b584682ff8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 11:20:15 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
1193536
etag
"1ff179452d54a97d7f09518289722ecb14c2e1a1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
83
x-amz-cf-pop
FRA2-C1
content-length
1294
x-amz-cf-id
fAKIG4U1HctwtBBmIARs76k41dsYfUGZgRl_I5-XHLgFDMSui6X4aw==
expires
Fri, 15 Jul 2022 11:20:15 GMT
a4ee21e2-c852-11ec-ac9a-96dc419bcc1b
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
2 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/a4ee21e2-c852-11ec-ac9a-96dc419bcc1b
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
3fc105e3ed8538af2d236793466a63e75558807dca6da3c6627d404c6a3cec47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 12:13:44 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
1967927
etag
"590b127e15dc25fcad1bb381b7205cda8a0af79b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
138
x-amz-cf-pop
FRA2-C1
content-length
1755
x-amz-cf-id
27I163uHYqjsl-Y3jytRFfpsOU9AYlrmB2Gs5eQdPm5ZjNDTACm26A==
expires
Wed, 06 Jul 2022 12:13:44 GMT
400d04111008fe2_300225
images.prd.dlivecdn.com/emote/
401 KB
402 KB
Image
General
Full URL
https://images.prd.dlivecdn.com/emote/400d04111008fe2_300225
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b432e2d4627c71e58721ed69cd1daa7db68e03f9d24f682d1559ad1e3339ccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:11:05 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Tue, 11 Feb 2020 23:46:14 GMT
server
AmazonS3
age
81687
etag
"80fe14896265818dac7a253fb59a1e8d"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
410509
x-amz-cf-id
DsRvE9VBgiFh56ygS1EfAWd80G1uDJEZF_kzYbL5oJNa_07p9CR7vA==
3929a1e80005657_300171
images.prd.dlivecdn.com/emote/
267 KB
268 KB
Image
General
Full URL
https://images.prd.dlivecdn.com/emote/3929a1e80005657_300171
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c38242b49d72a797b1e1b1ba17e0a63e1955058f92d920d1dc6a2f615325abc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:11:21 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Fri, 12 Jul 2019 23:32:38 GMT
server
AmazonS3
age
70870
etag
"234660ae966bbe3738654436d47775b0"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
273462
x-amz-cf-id
bTR3VoJJIa_GTIfPLTWo2g6FXyFjmbuRs7ykZwKQaBo25BlHut4tpQ==
DLiveLOL
images.prd.dlivecdn.com/emoji/
11 KB
12 KB
Image
General
Full URL
https://images.prd.dlivecdn.com/emoji/DLiveLOL
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05ddbeaac2fbb181473e0132c7284b023e75f1d327f2b52dc65b4a6c628f7501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:43:18 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jul 2020 06:21:45 GMT
server
AmazonS3
age
1216
etag
"8f4c93715168986b9d5572566531e563"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
11551
x-amz-cf-id
4GDwgxURH76vJq2aJj26TjBreowqn1QIrrfDcRn-YTR577ZOn6AaYg==
default10.png
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
1 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/default10.png
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
559d9c78f1d07a7572f30e8e0d8921de20784b36a5362956dc0d0fc564688207

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 05:35:05 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
2078246
etag
"9257e2353b07f017fbb9ca491fe7081cd3e812ea"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
79
x-amz-cf-pop
FRA2-C1
content-length
1413
x-amz-cf-id
pDIic3W-wBsoV5lv2pj_MkrX2a_2R8qbTRjA2eZSjY-koZ6JDNh8GA==
expires
Tue, 05 Jul 2022 05:35:04 GMT
b717482e-ad65-11e9-8ad3-5aaa5584096e
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
947 B
1 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/b717482e-ad65-11e9-8ad3-5aaa5584096e
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
f18f37f0de4c81362d51b4a754cb9613044604d3958c09744db3105106280c20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 04:37:51 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
2513680
etag
"10358ec9b639541d2dc75b21364231905e38c61b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
x-envoy-upstream-service-time
111
x-amz-cf-pop
FRA2-C1
content-length
947
x-amz-cf-id
W4QTHxco2OKcqCzA7SYafW0n-H70uNt7zoDJFCHN3k2YNDvLAJNwbQ==
expires
Thu, 30 Jun 2022 04:37:51 GMT
default2.png
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
1 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/default2.png
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
55f6a4768f112d6aadf377432f2d8ba76dd0ef08858d3492f130760d4dee72a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 22:03:29 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
636542
etag
"4021f0439417c598e776dd98c94b4ca12f6702e7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
75
x-amz-cf-pop
FRA2-C1
content-length
1467
x-amz-cf-id
HaeS-PdOQzid-1kn84H8wmcUtPsVLrylc8EmkTlyTV9-3oMJWkdHcQ==
expires
Thu, 21 Jul 2022 22:03:29 GMT
58a576ce-2ac8-11ec-b61b-2a6b96e155b9
images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/
2 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/25x25/filters:quality(90)/avatar/58a576ce-2ac8-11ec-b61b-2a6b96e155b9
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
63862631b4b302889a01a4a7580190949eb577448d4743d180c32af369d1cd1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:05:14 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
2494037
etag
"68c0386748aca756ae886cb37eb5ba2a09e0ff4b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
25
x-amz-cf-pop
FRA2-C1
content-length
1665
x-amz-cf-id
QveM7IBXRGtswzR8hiof4-Kbc6l7xiTE0k0gR0ZXPAkBJZq72L-9pQ==
expires
Thu, 30 Jun 2022 10:05:14 GMT
DLiveLove
images.prd.dlivecdn.com/emoji/
10 KB
10 KB
Image
General
Full URL
https://images.prd.dlivecdn.com/emoji/DLiveLove
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87f506f78e321364cdf702e5a4c01785d52e5fb6c5204d7af2052d845209984a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 07:58:46 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Wed, 05 Aug 2020 10:55:16 GMT
server
AmazonS3
age
82426
etag
"680b32e00b26fa93a23a4673d963b12a"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
9749
x-amz-cf-id
7n5rnXREbL7m-orx5CILnHaobYV_OVa46cEBBReWagJeNz-pRVI1Jg==
smile-icon.4d0482c6.svg
dlive.tv/img/
1 KB
1017 B
Image
General
Full URL
https://dlive.tv/img/smile-icon.4d0482c6.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
0963e8fafab4414545a6f3b371134e681bbd4d3131bfb4d1c71fa037e9fc0cb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 07:44:26 GMT
content-encoding
gzip
last-modified
Fri, 22 Jul 2022 08:31:35 GMT
server
istio-envoy
age
83285
etag
W/"62da6067-589"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
wsAnh59nIJzCBGlRTPePljtwjC7WbcXJh6ZdaLTswa4buwNK0B2XGA==
expires
Fri, 26 Aug 2022 07:44:26 GMT
more-col-icon.fbea1061.svg
dlive.tv/img/
823 B
1 KB
Image
General
Full URL
https://dlive.tv/img/more-col-icon.fbea1061.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
987f8f0f31093925c6c9e523795f9acaa718d4ff2dd36c0960837e1f2bd6e1b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 07:44:26 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 22 Jul 2022 08:31:35 GMT
server
istio-envoy
age
83285
etag
"62da6067-337"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
823
x-amz-cf-id
8KGMCoqdrnFLYQPPPVUCzCRVLRCvXy_PQg6UpoDhab3FoWp2pgUVoQ==
expires
Fri, 26 Aug 2022 07:44:26 GMT
/
graphigo.prd.dlive.tv/
61 B
245 B
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
2697fa0b50e719c2e4840b62ef1a1b5c0e883e9c5ae8e3e75a326a8365bc9bb5

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
server
istio-envoy
vary
Origin
content-type
application/json
access-control-allow-origin
https://dlive.tv
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
content-length
61
privacy_small.svg
static.criteo.net/flash/icon/ Frame DDD6
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Jul 2023 06:52:31 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame DDD6
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Jul 2023 06:52:31 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DDD6
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 23 Jul 2023 06:52:31 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DDD6
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 23 Jul 2023 06:52:31 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame DDD6
43 B
348 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=IaqUiaIgar3PdS5R9BM-mVDRxQVsWzgMKlrCLWt9YenitHSQ5Wy4NGkjNOdzjKxDlzjq1kaIDVSPZ-aTKlpe6WPoNhAwJgym-aQYyZKtPldksFtk7wnwtbE7z-r5nInINpjw8HWPk2CvXStDRp5FRxd2Md8c8xJSnpwiBpAsc10iwWROQrSJtDWEl_7vPhZcrbs5KmNGpaAxW3lJ3Q8r6cbzEM_abF5ljCcA3INep0DjHxk4j-3EToXFe0A8oXarafFYrnJNInt9qJxqOe7TXeJyJUIy33Ylk85ob5TXNdiBu0VWPl4hEYk9aJXxLXFunlMmw5eHJf7XJeLan_s5GLEV2Q4J2qf5K_SAkVbVeI7oGqK2ZSeSoPiTVPCibCE_nlHNGZVeuS_wPklCCPjAgHgc-zyBRLVDt-nRIBKh5NjMo_UT
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:31 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2783924
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame DDD6
0
689 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1658991150
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:31 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
Ap7QQdyT6MTTkiIsLtxK28nHnp9X9QYOpXBzDdog-ADwJubEE8XyLQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
truncated
/ Frame 34D5
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
933d00215d72c5e7da6d6b7e3de5ae866a06c91db6004d7074ccff232a4450e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame EF29
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEES2S2ldRUcoytIowsqv2qE&google_cver=1&google_push=AehlK4C5PsC4JfQkQRUqbXhDEF1zoRuoCwfwP4f1qddMYUkWDDAZfHgxVXjX_jDojItEi0TQhg-gIPqibWKK0_8lFwo1MEBdav1R
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame EF29
0
98 B
Image
General
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AmI4MEV3NThjoLBu8cg7dwMI4LNbZKfFYVjiC4xrnJR6Op02OrHJuAI3Ps8fx_nSn_lCMxDp3mmWY-MxzzO_1PgixZXy_a&google_gid=CAESEJ5AV0URXoyXlviNcgLyd5I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame EF29
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDQAqIByn7rs_JmalXFzabU&google_cver=1&google_push=AehlK4CdvhYykRR6gZGLqZSd23_BlS7lhoW1TaeLLlFg5rX282q-iXeXKBojA2ZFeKCyzKhMiYgJ9W54ozJf4cy1YoOl-bTvqSU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:30 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
g46nl28hpkrtn2rkmbup8prrggjpvetb
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame EF29
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFtx2xobQ_uSShiqtuX4_w0&google_cver=1&google_push=AehlK4BdD7XXpOaYWulx7ts3QjhEnN7pQ_uMZ28e1sB7N6hsvsxJ_71BzIp1D4YJPQkT97NAeVKOQ1_OuaSXQ5svpZNFoq5Q9p0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EF29
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELgmuiJ9W1LR2O7MQ3__gnc&google_cver=1&google_push=AehlK4BiNzmEz5PgYlR8y17VLeFy-l-Vtz2GDsbvFFNyW1C8hQkiXoGYk5Zlsx4aTD0KTrllsJo...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY0T0hYQ0stOC1GVFNL&google_push=AehlK4BiNzmEz5PgYlR8y17VLeFy-l-Vtz2GDsbvFFNyW1C8hQkiXoGYk5Zlsx4aTD0KTrllsJoNyZteqpfW74BPoBVx6ci0KPU
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY0T0hYQ0stOC1GVFNL&google_push=AehlK4BiNzmEz5PgYlR8y17VLeFy-l-Vtz2GDsbvFFNyW1C8hQkiXoGYk5Zlsx4aTD0KTrllsJoNyZteqpfW74BPoBVx6ci0KPU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY0T0hYQ0stOC1GVFNL&google_push=AehlK4BiNzmEz5PgYlR8y17VLeFy-l-Vtz2GDsbvFFNyW1C8hQkiXoGYk5Zlsx4aTD0KTrllsJoNyZteqpfW74BPoBVx6ci0KPU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame EF29
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFs5jxicci25UnkIl-i3F3c&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFs5jxicci25UnkIl-i3F3c&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFs5jxicci25UnkIl-i3F3c&google_hm=YuIyL6PBNCd3mi8hvznWYgAABJUAAAIB&google_nid=index&google_push=AehlK4BOPXj2x_btwo0Yv6mtHu1fyly0GXlNH...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFs5jxicci25UnkIl-i3F3c&google_hm=YuIyL6PBNCd3mi8hvznWYgAABJUAAAIB&google_nid=index&google_push=AehlK4BOPXj2x_btwo0Yv6mtHu1fyly0GXlNH0MHefzazyk6kkZSTrP03Hj76mR-4oT1mDrrX52YR1MzTYlCH3JywvVsmzemZ3ya
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iPH9A8CUBI4V22glhk6mGzmMdqczvMQpRZcIMPCHRN4rtV5w9t7%2BPDdWaeiF6o%2FRX442DA0YNoHCoFb%2F8M2bWyzkgCiu9g%2BPnqWZXqeA5afPV%2B0Nx87DKjRUs9nIMQabAsPH3bgiOBh%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFs5jxicci25UnkIl-i3F3c&google_hm=YuIyL6PBNCd3mi8hvznWYgAABJUAAAIB&google_nid=index&google_push=AehlK4BOPXj2x_btwo0Yv6mtHu1fyly0GXlNH0MHefzazyk6kkZSTrP03Hj76mR-4oT1mDrrX52YR1MzTYlCH3JywvVsmzemZ3ya
cache-control
no-cache
cf-ray
731bb14bcf4e3a6f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame EF29
43 B
296 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJuW5y4ai9MmADTDyxgh4So&google_cver=1&google_push=AehlK4CSxPSQnjtidSqrIuHD8_NzYNHiNdNJRUX6zUfm_FmNYfd3QHXWua1iYIjuDPBYyV1gokGw_8FUr7CUuK4oruhhxBbYvXPv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:32 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame EF29
0
223 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K55EeuLBj97OsHWpFSfpRpqLbOdQGRJpJ6Vewk2ayKVzCgP9TI9xDSgFBnzWdmcDO25AIC
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame DDD6
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Jul 2023 06:52:31 GMT
reload
www.google.com/recaptcha/api2/ Frame 17A5
37 KB
23 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f985e23afb2477c0b9eafef2ae4a4d969ed5668644133594f85484e00fc61497
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23087
x-xss-protection
1; mode=block
expires
Thu, 28 Jul 2022 06:52:31 GMT
reload
www.google.com/recaptcha/api2/ Frame C1AE
38 KB
23 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c7e26992c153ce32d329005c1a4c55b59370e8708f1f9492d2ab89cf710e8da4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23216
x-xss-protection
1; mode=block
expires
Thu, 28 Jul 2022 06:52:31 GMT
/
graphigo.prd.dlive.tv/
1 KB
1 KB
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
b06133444a8abc33f325293499604e5500c06d5ecf3c4e4bcdf3e35ec8758001

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
server
istio-envoy
vary
Origin
content-type
application/json
access-control-allow-origin
https://dlive.tv
access-control-allow-credentials
true
x-envoy-upstream-service-time
29
content-length
1033
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:31 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
img
pix.eu.criteo.net/img/ Frame DDD6
9 KB
9 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=252&s=JViaZr9n2YZAQgjHS4P6r-oi
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cfe8bc2278f881adbad724cd23290fc912ceee3ae88fa44f47593e965c2865b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29556670
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
9385
expires
Wed, 05 Jul 2023 09:03:42 GMT
img
pix.eu.criteo.net/img/ Frame DDD6
400 B
658 B
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDB_Mobility_Logistics_AG_60544DE.gif%3Feb%3D1&v=3&w=400&s=qejL_9Irgvb-0KwTC4SpoEgt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
400
expires
Thu, 28 Jul 2022 06:52:31 GMT
img
pix.eu.criteo.net/img/ Frame DDD6
1 KB
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=683814
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1266
expires
Fri, 05 Aug 2022 04:49:26 GMT
img
pix.eu.criteo.net/img/ Frame DDD6
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=400&s=u8QjTuzx4yQwWOjyD8TMxXfP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1383708
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1960
expires
Sat, 13 Aug 2022 07:14:20 GMT
img
pix.eu.criteo.net/img/ Frame DDD6
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoRheinmetall-Landsysteme-GmbH-19758DE-2106251047.gif%3Feb%3D1&v=3&w=400&s=kZzBubbmoVf5zQG3ZwRwoWdb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=1778872
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2446
expires
Wed, 17 Aug 2022 21:00:24 GMT
all
csm.eu.criteo.net/ Frame DDD6
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=i48gl9YgHm1q9XK-uPocXaKN2gGGXFXHnsEZyP8GEicz2eABzh027ULZXuFsG1M7njLK98cJW7aMA4CWfGywIOG4rzxJPbjcWPP1zbuOGrxTKF3x9-fKdIfc0W-6oSjIPoWlnX52nwXF6wenRM-bNXB5fUb8gVo1ha0b3hSNaE0UG5a3NPtaoTQZjzIxKMIuSs5JZAhYVaIL_H9zrZFZ17r9fKD1zCd7jUT3VEjkQebyOwDs6-dengSUGQB9QYA3gp1_4Q&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 06:52:31 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DDD6
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Jul 2023 06:52:31 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DDD6
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:31 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Jul 2023 06:52:31 GMT
df3c73e9-0664-11eb-8490-626a2067d975
images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/
2 KB
2 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/df3c73e9-0664-11eb-8490-626a2067d975
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b3e26bd3f9f3787bfbca8cbeb25bb18f94079945bbf635d42a2f2b0e0d3824a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 15:37:59 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
1264473
etag
"5fb897cf79bf31ea9f3e2986fede8d143f2cee95"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
x-envoy-upstream-service-time
68
x-amz-cf-pop
FRA2-C1
content-length
1672
x-amz-cf-id
gEXv8NXqxazZS6agQSfmpSLpjXrlEB7KedHTGE9sUtVEKRJU-6j6oA==
expires
Thu, 14 Jul 2022 15:37:59 GMT
crown-silver-icon.d353eeef.svg
dlive.tv/img/
2 KB
1 KB
Image
General
Full URL
https://dlive.tv/img/crown-silver-icon.d353eeef.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e6fea926310537ae680f9587567921294e66513a5d5d8299dce854f91e5c53e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 05:11:15 GMT
content-encoding
gzip
last-modified
Sat, 09 Jul 2022 09:58:27 GMT
server
istio-envoy
age
1561277
etag
W/"62c95143-87a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
4DSbuo4MPB32ZkFa14wkV-NOzgFkDCTaKA7Fgx7M8FLTKy4syM326g==
expires
Tue, 09 Aug 2022 05:11:15 GMT
default11.png
image.dlivecdn.com/avatar/
9 KB
9 KB
Image
General
Full URL
https://image.dlivecdn.com/avatar/default11.png
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e454af03785e815c5751d97066722d3e1f3ce3fe15d77fb46a8ee85453ccae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:22:32 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified
Thu, 29 Nov 2018 02:48:01 GMT
server
AmazonS3
age
81948
etag
"c3170c5e4cade0e48effbe40bf89d7df"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
9209
x-amz-cf-id
KqyK6yhSS4HmLzGiQMNj2wAt1HDaRemcyNwHXwfTVj9pLRz8KLXp4g==
crown-copper-icon.e6b0ce12.svg
dlive.tv/img/
2 KB
1 KB
Image
General
Full URL
https://dlive.tv/img/crown-copper-icon.e6b0ce12.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ad581b9fc5dad93d828d6e179674fda43a906b99766a446ad1fee79837d005bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 22:56:39 GMT
content-encoding
gzip
last-modified
Fri, 22 Jul 2022 08:31:35 GMT
server
istio-envoy
age
460553
etag
W/"62da6067-886"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7PaoXtLKq8tLk34asyunvV9-kEjVe6y4p8NB0W5nT7F9-2bTkDAX3g==
expires
Sun, 21 Aug 2022 22:56:39 GMT
c30e12c3-038d-11ed-b56a-122eaad9f5c5
images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/
7 KB
7 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/c30e12c3-038d-11ed-b56a-122eaad9f5c5
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
efeb005732182dceaa90346ef38802ea5d6478855c72de196954fb86dd623f23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 15:58:12 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
1176860
etag
"bb86f0fd594b5ae882f0b29eceb9684d021d3d61"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
87
x-amz-cf-pop
FRA2-C1
content-length
6657
x-amz-cf-id
Nb0B_DlcY0_FqZWGvYvdQodM3D2OX-4p-LgITt4oyGwUJrw8upPglg==
expires
Fri, 15 Jul 2022 15:58:12 GMT
triangle-down-icon.7ecebf33.svg
dlive.tv/img/
770 B
1 KB
Image
General
Full URL
https://dlive.tv/img/triangle-down-icon.7ecebf33.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
16852b4466ece5fc584b17d175ebc4cfc6b4712e6e4335c3806090b9b9e05b0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 11:14:38 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 08:19:10 GMT
server
istio-envoy
age
2230674
etag
"62beadfe-302"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
770
x-amz-cf-id
iZFDAisxmV7_eSOD81QQ9BvoUKomBFltWHuM3-6rKX0nie1o6rq2iQ==
expires
Mon, 01 Aug 2022 11:14:38 GMT
triangle-up-icon.a29c0784.svg
dlive.tv/img/
792 B
1 KB
Image
General
Full URL
https://dlive.tv/img/triangle-up-icon.a29c0784.svg
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d63a043c20196bc1059d5c2ef73316b7ceb55e5a80428c6fae13f85b6b899e84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 07:13:14 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jun 2022 10:58:11 GMT
server
istio-envoy
age
2331558
etag
"62b98d43-318"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,public
x-envoy-upstream-service-time
0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
792
x-amz-cf-id
SKI-0wici43kJsZe9INcWRhczdPZO8RD2wsjJQc6ZcZROQruzLaaeg==
expires
Sun, 31 Jul 2022 07:13:14 GMT
m-outer-9e7b0f09082e3e3828541eddc9ec63b1.html
js.stripe.com/v3/ Frame 58EF
240 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-9e7b0f09082e3e3828541eddc9ec63b1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-65.fra2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b7807a4aff09f38acd13cbe98b6b176284915dc567a08ff346295899b8232144
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dlive.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3394
cache-control
max-age=31536000
content-length
240
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 28 Jul 2022 05:56:05 GMT
etag
"9e7b0f09082e3e3828541eddc9ec63b1"
last-modified
Wed, 27 Jul 2022 20:50:48 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-amz-cf-id
2YzVZYWKVDLbndbWj9ROmSdKID-O1QFgk9kEY3oH_CdaRT7aG9HoDg==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220726&st=env
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7854493c1ea4d008d1c1253f6775b69148172691754c3ee6bab019652b197f9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 06:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10995
x-xss-protection
0
/
graphigo.prd.dlive.tv/
321 B
507 B
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
b25c7a627d4ad17b1142a0f7054af321a93005e31cccca89b62e721a257e83ad

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin
content-type
application/json
access-control-allow-origin
https://dlive.tv
access-control-allow-credentials
true
x-envoy-upstream-service-time
192
content-length
321
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
csp-report
q.stripe.com/ Frame 58EF
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 28 Jul 2022 06:52:32 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 58EF
0
571 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 28 Jul 2022 06:52:32 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-b2b60868098346ef56afaffc9148e826.js
js.stripe.com/v3/fingerprinted/js/ Frame 58EF
526 B
1023 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-b2b60868098346ef56afaffc9148e826.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9e7b0f09082e3e3828541eddc9ec63b1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-65.fra2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-9e7b0f09082e3e3828541eddc9ec63b1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
17
x-cache
Hit from cloudfront
date
Thu, 28 Jul 2022 06:52:15 GMT
content-length
526
last-modified
Wed, 27 Jul 2022 20:51:23 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
RIA7i-rsbJTREuTO-63iAYs8JpvLGOA9us_uijOTuVfJ34wt6deaOQ==
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3180252887358576&plah=dlive.tv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 06:52:32 GMT
inner.html
m.stripe.network/ Frame 9B28
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-b2b60868098346ef56afaffc9148e826.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-59.fra2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 28 Jul 2022 06:48:16 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-id
5IUsxBZYESCZJSd7SypQ_JGOoqtrMihW9-m4AQ9CvI5VPymW_HreMA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
/
graphigo.prd.dlive.tv/
92 B
276 B
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
fa7733a6615646ab657db7f98027148b388f14f18774f8878012bb3fe6ab8d29

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin
content-type
application/json
access-control-allow-origin
https://dlive.tv
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
content-length
92
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
csp-report
q.stripe.com/ Frame 9B28
0
344 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: dlive.tv
URL: https://dlive.tv/JohnDukeofLancaster?ref=johndukeoflancaster%F0%9F%93%8C%F0%9F%91%89%20%20Pe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B60D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dlive.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1972
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 06:19:40 GMT
expires
Fri, 28 Jul 2023 06:19:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E753
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d58feb3f4258baed38409e15bbbb193141e7d00dffa32d8d0eb21d7a5049d66f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k6gkhiRI1yuCYmc5RGyWlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dlive.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-k6gkhiRI1yuCYmc5RGyWlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 06:52:32 GMT
expires
Thu, 28 Jul 2022 06:52:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
graphigo.prd.dlive.tv/
4 KB
4 KB
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
7c6232f7e5d3dc89db0fd7c31ab24f9738c838d3b0d521293a515e9c8d640930

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

access-control-allow-origin
https://dlive.tv
date
Thu, 28 Jul 2022 06:52:32 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
vary
Origin
server
istio-envoy
content-type
application/json
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
out-4.5.42.js
m.stripe.network/ Frame 9B28
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-59.fra2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
79
date
Thu, 28 Jul 2022 06:51:15 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
topVaAI9-s-zHelVxo58trbr7PaYTnfqSTPYLLWTWXroBDJZvsg4Rg==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
/
graphigo.prd.dlive.tv/
4 KB
4 KB
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
b327fbba869f1d27f803ff0ec28e40cd5eccc3296042e988100b2996c74b9157

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

access-control-allow-origin
https://dlive.tv
date
Thu, 28 Jul 2022 06:52:32 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
23
vary
Origin
server
istio-envoy
content-type
application/json
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E753
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220726&jk=3450251239526917&rc=05AMjm62WgIKano9xIB0QjE2bpRcB7SjsSUUwFgoxjGaaaxXyObCpGJgsSDtzlgZMY1f7TihfgzYsPnEtmvjN248ufGOFg6P64tSaKGaqS86WwRrlymy-UAwOZWdReU7BGNjig0deZF8k40DV_HrLAh4wDBmeUOQp6Gc73B1h4oe7D8r23TKglryB5aXN5Ur7SMzLn2Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

6
m.stripe.com/ Frame 9B28
156 B
522 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.131.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-131-183.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5d438da208c0f8d8fabcb5ca99a69cad1520d32b892f22ec5b86221491ceaff2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Jul 2022 06:52:32 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js
pagead2.googlesyndication.com/bg/ Frame B60D
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 11:42:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
328184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13903
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 11:42:48 GMT
/
graphigo.prd.dlive.tv/
146 B
331 B
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
a138af9bff3f5d020b4dd92a1031c1db5f34117f1acfd0b07262b10d0b09187c

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin
content-type
application/json
access-control-allow-origin
https://dlive.tv
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
146
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
bc02341a-8561-11eb-a5d7-0e5861c697dd
images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/
4 KB
4 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/bc02341a-8561-11eb-a5d7-0e5861c697dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d3687468688c34c510da02ac715fd4c18498c61ec8139959fc17a25c5839f0f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 07:44:00 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
3452912
etag
"dbe9480fb8fa779440289f17a57c884056b1d8b6"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
43
x-amz-cf-pop
FRA2-C1
content-length
3860
x-amz-cf-id
kDe4QLqS0uK54m-BYRLhvFJ4t3tuEz_kDgaAhk4hZr5lb3npJBcoIA==
expires
Sun, 19 Jun 2022 07:44:00 GMT
4c3496d0-d3c5-11ec-bbd3-2a41ddc46296
images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/
4 KB
5 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/4c3496d0-d3c5-11ec-bbd3-2a41ddc46296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5fe1f39d2897d22f4afd93a5200729505cd9d261df27218e9eba7199a0d33f25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 08 Jul 2022 02:24:21 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
1744091
etag
"4e4b3bfe4e4d9234b279aad466e09c349300a235"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
129
x-amz-cf-pop
FRA2-C1
content-length
4409
x-amz-cf-id
bs6jd5CaLTPYuRvjo5zTDwiAY-SxjC2f9bs-hlZ1SzUYMblVYPSoYQ==
expires
Sat, 09 Jul 2022 02:24:21 GMT
464dbeee-9ca4-11eb-bbbd-b23d0cea717c
images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/
5 KB
5 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/464dbeee-9ca4-11eb-bbbd-b23d0cea717c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ebcd418aeebf15be4b06905bcd70c96bd63068d8d5d3505ef1e1714477debcf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 08 Jul 2022 01:27:19 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
1747513
etag
"08a512f467ee33816b818ff3ff7ea132cd588784"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
77
x-amz-cf-pop
FRA2-C1
content-length
4989
x-amz-cf-id
Oe0j4wRUUEzsy-jhqTZdXRozYblSraZeIkYPMQPYt2lSTZ0Q4TQo9w==
expires
Sat, 09 Jul 2022 01:27:19 GMT
19a336e1-0cec-11ec-a9ae-0e5861c697dd
images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/
4 KB
4 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/19a336e1-0cec-11ec-a9ae-0e5861c697dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ffdb921d0fdc037dcf222f0dcce84f8d6da834dae23a91be5a44c3ae8e816c0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 20:19:00 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
1593212
etag
"97dad8073867ef80c78703b1062d5a3e91620983"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
140
x-amz-cf-pop
FRA2-C1
content-length
3895
x-amz-cf-id
-0GzzNk7HRyzn9HXEzynivlw7xEZbOjIhVm0YUFwDhua8fO_q3ehxQ==
expires
Sun, 10 Jul 2022 20:19:00 GMT
26c35f0d-74d6-11ec-9d17-72dc28a4c730
images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/
5 KB
5 KB
Image
General
Full URL
https://images-sihv2.prd.dlivecdn.com/fit-in/50x50/filters:quality(90)/avatar/26c35f0d-74d6-11ec-9d17-72dc28a4c730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
a9b66c4fdb97741c15171d0595ab754cdccb37cd67494fc1558315642db8beb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 23:34:41 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
istio-envoy
age
1322271
etag
"c2fdf8c5f9ea738c3cba706ff57fab219101c050"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-envoy-upstream-service-time
73
x-amz-cf-pop
FRA2-C1
content-length
4880
x-amz-cf-id
j0AEA3XyIsszS7-WlNqAHhy_EeM0YWDcJH8uYnBuBQedPc7ZSJxCow==
expires
Wed, 13 Jul 2022 23:34:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 34D5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssj5pbPbbnulwjg6whbOc_V2nNy4NLN7fFpqYE6DA3iYpSyHaT5hSeHg2nmtxMO7QD4Y3uDIjOQlkjzYDau0gR3SQw&sig=Cg0ArKJSzNWKNEPyuujQEAE&cid=CAASF-RoC1zig2KLSKvBkTV2IvxCPnr7WAyh&id=lidar2&mcvt=1016&p=0,0,256,128&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3835943102&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658991156685&rpt=883&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 06:52:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
graphigo.prd.dlive.tv/
61 B
245 B
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
2697fa0b50e719c2e4840b62ef1a1b5c0e883e9c5ae8e3e75a326a8365bc9bb5

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin
content-type
application/json
access-control-allow-origin
https://dlive.tv
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
content-length
61
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
generate_204
tpc.googlesyndication.com/ Frame B60D
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?1s5tDg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 06:52:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
graphigo.prd.dlive.tv/
74 B
259 B
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
964c98c9cbd3e72bc6d5a081289113e03f67842c7b7a9e79d8fe2ccf83b71358

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

date
Thu, 28 Jul 2022 06:52:33 GMT
server
istio-envoy
vary
Origin
content-type
application/json
access-control-allow-origin
https://dlive.tv
access-control-allow-credentials
true
x-envoy-upstream-service-time
78
content-length
74
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
/
graphigo.prd.dlive.tv/
20 B
204 B
Fetch
General
Full URL
https://graphigo.prd.dlive.tv/
Requested by
Host: dlive.tv
URL: https://dlive.tv/js/chunk-vendors.02ca80b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
88ecf92326f1ff8da3d81eb38e1a84528de5661b7ec30b895ba82c43118380af

Request headers

fingerprint
8c5f260ea9123b0009dbac77d6bcc3ab
accept-language
de-DE,de;q=0.9
gacid
536569996.1658991155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dlive-mversion
302b3406bfae84e66f4716c75e6c66122f4c7738
accept
*/*
x-dlive-mtype
web
Referer
https://dlive.tv/
content-type
application/json
x-dlive-mid
8c5f260ea9123b0009dbac77d6bcc3ab

Response headers

date
Thu, 28 Jul 2022 06:52:33 GMT
server
istio-envoy
vary
Origin
content-type
application/json
access-control-allow-origin
https://dlive.tv
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
content-length
20
/
graphigo.prd.dlive.tv/ Frame
0
0
Preflight
General
Full URL
https://graphigo.prd.dlive.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.191.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-191-36.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fingerprint,gacid,x-dlive-mid,x-dlive-mtype,x-dlive-mversion
Access-Control-Request-Method
POST
Origin
https://dlive.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Fingerprint, Gacid, X-Dlive-Mid, X-Dlive-Mtype, X-Dlive-Mversion
access-control-allow-methods
POST
access-control-allow-origin
https://dlive.tv
access-control-max-age
86400
content-length
0
date
Thu, 28 Jul 2022 06:52:32 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
all
csm.eu.criteo.net/ Frame DDD6
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=i48gl9YgHm1q9XK-uPocXaKN2gGGXFXHnsEZyP8GEicz2eABzh027ULZXuFsG1M7njLK98cJW7aMA4CWfGywIOG4rzxJPbjcWPP1zbuOGrxTKF3x9-fKdIfc0W-6oSjIPoWlnX52nwXF6wenRM-bNXB5fUb8gVo1ha0b3hSNaE0UG5a3NPtaoTQZjzIxKMIuSs5JZAhYVaIL_H9zrZFZ17r9fKD1zCd7jUT3VEjkQebyOwDs6-dengSUGQB9QYA3gp1_4Q&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuIyLgAN_0cKixV0AAIlb4s_6hSv9tu0bzNLWA&u=%7CxSHFEmyFXVAsYaEvjRC7h7TqxZ4zM5RNGJIhyLWRj7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zrKB14s976jz4tkhQfDtJjnQxzPTFB2tPTvLmz1CmX5G7-cQ9U0CQ-w-eR99IocmghrWzT-ARDQsc9W-pOMOvSU3rJmxcV_SYROy5sQby3IzLHP9qx-k4a00eQ-_4TVTDbZ9J8ym5Sm5rCpGuSJbS8wXTM5UhFVanvGPMyM93lPo0TSX8e_Pbg9qOzz86lra0DXL9SjEoIgbTATR-6YYKDY7UsfNC3cpCkrUNCVYdX6YwUi28YzQ3br-0ffWb9u5PqzWU7aNhOjI9s8_SRP2uVqf8fOEx9u4Tlhe29Keko0UBblGhfCjHu-VxYXuHqN8bOf_OI8HUao3qrmlUsn03PLjD2qjIH1AyxWUPoxlndIVxl1g33iFLQ54dk7GvJo9OE9HvBFU5QHlskHLKO-aFxA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYBBJLjLiYsf-N_SqrATvyohQyZ7SsVyl_JP3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTgwMjUyODg3MzU4NTc2oAHVttLqA8gBCakCTWgFD6IgsT6oAwGqBIACT9Dwfy4t0BY9LnSHN5w53Y7cbj8e_v6zdWXLYnuE-njVq3bzcgP6Q9brFfWnVL34yikMoHTjan1W3u-pK2rQMYiePgmZUAFSaAJhPVMNQt7AvkVA7e2qSDwOYlpKxWLuXqxs8wo_b42xlTQldj5XJeQM0Gjhgnn7PLCNsdA9hzx4K1dKIOEY1sKBILi1VNAzj6-jUcgbE7shsDOyBwi0pnJ246BATcYFQvlXmomKjUgl0KfwMPioMvZ3t2nEV51t1-w2osLjjFfP6jsEbdiZ6ChNrWFGuJxyT3pacFcGpGtcEqRzbrPpnVC_4ztUle0PEE6O9s2uPu6Se_Hy3WHASoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_T4GETXZntLzgkconSctpKqqivA%26client%3Dca-pub-3180252887358576%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 06:52:32 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220726&jk=3450251239526917&bg=!g4ClgMTNAAacadVKvGk7ACkAdvg8WnzWMnIAPLAD8xtcbzGicH2rr3BLhm8x8WTO-Po8pimfCyi5hgIAAAELUgAAAAZoAQcKAO5GJkWyeN7-HT0mmri3Wcq8fnL0yaG9w7oEXJF790PumGf6Qg1HEtVsw7Cdhp1LUpikRg32ED2G7plpsdoTxm1RxuUWy-LAT6vH8hJVc_yRjAUXYeTrCGF_Ei7C3GzYRGMiAfWQYkKgjoF5OV2lVIGkU9ODbI30rOnT0K4T6kBodQiM5ZfgO2-2YstUpKHiiLKyCggwCTrjJjj8ckLDFrW6Zo4UX37BjugVHjfvoIGCgMdxHIyo94FhGKpntDMcEMDBKWs-m7MiglxfAVRbZs70kXbfxmbmATLN0IpIBzLNKn_FwhK8PTCvnMeDKnDvmQKUAkezYBzPTvuEaxgx6sw9qfCZoWtXrHcHW3oSpGeU1A_JJ9CInDxg3Hy54jPUkKGQYhGYhAUs8ygqAdqRJRdWISd43k4sYRI-4rlBRlDSOoXnEL2NVt76KNr5zVee16Uy_MoLG2aLsyv1C2E94FZ73uuaTYSdUPzQ0usP43DpLQGmHdRan_LLnaj3kOBHqydZ-dX_QZLyNTA8I8IWPnGimQl51l4wI8v0od_h0a7EB0YfTUlJW_mJDgbjP31IQmlQJnVaGQ7UnUx5fxXInk5nKqwW1bPtUAjumA5ISAjigNYoWYkMhtRiQZIt6af3FEu4A5vjsWcoA2lD2ocXdzIcUg115uMVtne7n91Ymb97uqhsKzRIqP2QAie4LLsPJzkcHvhNcXA13OnxlB4PBvLV6sGjrkhj64zhjeirHVdXOxavXrPmX-wnLKmffiekyhkZJIeaHdV9rBZaXw2VAiOZir785gKFcGim7JNv7VeNStzguGTJ2BwcE01EBnbbR-UlfMjmGEEZ7uhWKiNYy4AQe_AKsw0WW_8Yyfo5tgzvSw4O_G59SiMD54lIjS-5gk5BhaCg1Ou5HPplBnTVZOAz7WXNlGLw8H8W0mY8g1YkyQNz_tmO8ql9Id6hMumhKKoNho-K6x1dAzKnN4GS4T1aXRF8O4Wg2V3d91PeRzJrBdyRCpdD2TWrKW78WhQKS8cQSahWD7nsZkUCmKu5K4QFOk4QrElGJOfPdK_y0Xaql-GpXpS8G_Kf0bL3rD33cOVtIBEaOOtv8cTVA0DYGjF_DK63G6FLyHWP6ErC6Blr7dBRUb5u25gSLqvr5GCKCNL2rsjVGe2tZpGwmZWi_VV33FkM75rldYtJQ2WFxmmI3YVE-35y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlive.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xxita58r164g
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf5BmkUAAAAAKYk6gV1OzK05pOv99MOQoXSIrgj&co=aHR0cHM6Ly9kbGl2ZS50djo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=ljv6mtholdp1

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer function| gtag_report_conversion object| __INITIAL_STATE__ object| __APOLLO_STATE__ object| google_tag_manager object| webpackJsonp object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| recaptcha object| regeneratorRuntime object| __core-js_shared__ object| core object| SocialSharing object| __SENTRY__ function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| adsbygoogle function| setImmediate function| clearImmediate function| vueRecaptchaApiLoaded object| closure_lm_141452 object| webpackChunkstripe_js_v3 function| Stripe object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| googletag object| GoogleGcLKhOms

19 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMjm62UrLnaMy4w_pwb66kQ_r5PKCLYslINUG3dXYugrZ_sYBAhxK899d2pOPBmWBMWNJTu3oA0BrBukjWLmITE
.dlive.tv/ Name: _gcl_au
Value: 1.1.871582889.1658991155
.dlive.tv/ Name: _ga
Value: GA1.2.536569996.1658991155
.dlive.tv/ Name: _gid
Value: GA1.2.941246965.1658991155
.dlive.tv/ Name: _gat
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmfzJFVV55WRttbdUyucN6qCpEqA3FKupp0x-VykP6fdAMx4-1wlWs8K5IM
.dlive.tv/ Name: _fbp
Value: fb.1.1658991156214.71760207
.facebook.com/ Name: fr
Value: 0Q2woZnF6Fv6ISbqb..Bi4jIu...1.0.Bi4jIu.
.dlive.tv/ Name: __gads
Value: ID=8a72d699961ed059-2286b187dbcd006c:T=1658991150:RT=1658991150:S=ALNI_MZ-sPkK06YxaDdOjohoJZrettM4pA
.casalemedia.com/ Name: CMID
Value: YuIyL6PBNCd3mi8hvznWYgAA
.casalemedia.com/ Name: CMPS
Value: 1173
.casalemedia.com/ Name: CMPRO
Value: 1173
.quantserve.com/ Name: d
Value: EGIBCQHcJoEA
.quantserve.com/ Name: mc
Value: 62e2322f-d5202-f489e-e0e58
.casalemedia.com/ Name: CMTS
Value: 1214
.innovid.com/ Name: uuid
Value: 7c7dcba0-ee07-427b-a8b0-749d4a175499-20220728 02:52:32
m.stripe.com/ Name: m
Value: 71bee784-4b27-4c58-a207-104f79a5e0b812b492
.dlive.tv/ Name: __stripe_mid
Value: f3121a8d-aa3f-4e39-82e9-e6c1b620730cc22854
.dlive.tv/ Name: __stripe_sid
Value: 7c607c85-44de-4992-8fc9-b7a54b8c60cb6d4081

11 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3180252887358576&output=html&h=256&slotname=5715510314&adk=3835943102&adf=2777427726&pi=t.ma~as.5715510314&w=128&lmt=1658991156&rafmt=12&psa=0&format=128x256&url=https%3A%2F%2Fdlive.tv%2FJohnDukeofLancaster%3Fref%3Djohndukeoflancaster%25F0%259F%2593%258C%25F0%259F%2591%2589%2520%2520Pe&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658991156327&bpp=3&bdt=1488&idt=339&shv=r20220726&mjsv=m202207200101&ptt=9&saldr=aa&abxe=1&correlator=2280627204853&frm=20&pv=2&ga_vid=536569996.1658991155&ga_sid=1658991157&ga_hid=199643736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=60&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C21066429%2C31060047%2C31067825&oid=2&pvsid=3450251239526917&tmod=1778090356&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nmroB0ocZr&p=https%3A//dlive.tv&dtd=356
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AmI4MEV3NThjoLBu8cg7dwMI4LNbZKfFYVjiC4xrnJR6Op02OrHJuAI3Ps8fx_nSn_lCMxDp3mmWY-MxzzO_1PgixZXy_a&google_gid=CAESEJ5AV0URXoyXlviNcgLyd5I&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
rendering warning URL: https://dlive.tv/js/fp.f9075a70.js
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://dlive.tv/js/fp.f9075a70.js
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://dlive.tv/js/fp.f9075a70.js
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://dlive.tv/js/fp.f9075a70.js
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://dlive.tv/js/fp.f9075a70.js
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://dlive.tv/js/fp.f9075a70.js
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://dlive.tv/js/fp.f9075a70.js
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://dlive.tv/js/fp.f9075a70.js
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options https://twitter.com/ https://liveclips.tidy.live

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
dlive.tv
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graphigo.prd.dlive.tv
id.rlcdn.com
image.dlivecdn.com
image6.pubmatic.com
images-sihv2.prd.dlivecdn.com
images.prd.dlivecdn.com
imasdk.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
q.stripe.com
rtb.nl.eu.criteo.com
rtb.openx.net
secure-gl.imrworldwide.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.google.com
104.18.19.126
13.224.189.40
13.224.189.59
13.224.189.97
13.225.78.65
13.225.78.7
13.225.78.98
142.250.186.130
142.250.186.66
178.250.0.139
178.250.0.160
178.250.0.162
18.203.191.36
198.47.127.19
2600:9000:21f3:e000:1e:a43d:b640:93a1
2606:4700::6811:180e
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:806::200a
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9a
2a02:2638:1::2
2a02:2638::3
2a02:2638::b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f
35.186.253.211
35.244.174.68
52.27.131.183
54.187.119.242
69.173.144.139
03909521c309a2ed7e0ced7b22947775210e808cc70d316990d62523af9d3b88
05ddbeaac2fbb181473e0132c7284b023e75f1d327f2b52dc65b4a6c628f7501
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0963e8fafab4414545a6f3b371134e681bbd4d3131bfb4d1c71fa037e9fc0cb3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d2a4f9ccb27f9bc1c23f114550d30849ef6a6c327ee5f24032a739a77d9440e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16852b4466ece5fc584b17d175ebc4cfc6b4712e6e4335c3806090b9b9e05b0f
1a3c2c834455b520a9428873c3094f316d977cf34c851bb646997cdf5291c855
1ad19cb478e2a59667da1edac49673323c6d72f9ba4e05f0a85077aa8f81531b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ce69af7f5304df3e475e01e5a53625b9e61a128163f9b3490d82c17fa2a1085
1defa6af79c0d214fdbe9efe83691891afbfc2ef2553a83f9658285238a3a45d
202e6721e0b5a8c7d29d455a76b42d1268b349779b201b10138a99285efbe5cd
217d6a113ce3cfddd32cf7e589abdd2c589671d73dc8a5fa7f52546c9496f2f9
2697fa0b50e719c2e4840b62ef1a1b5c0e883e9c5ae8e3e75a326a8365bc9bb5
270e4e2979b35caab131d3cf34184e998daec34e9e9eabb1944bb802ad7fe199
2736097a7727ffff60f339d18ac5e433e38b04ead346e23791a8967c5cb120d2
278619fba75881d0200291cbd6ce7e726bc65284aaef81edbfb63d89e23068ef
27f20787cb7785cbc1e1dd2ec277b354de99294cf7988a79c4684cdabaf4ab89
2a3ec55e837800d0d161244326feebfc8e64e5d40af3fd253a37bf9595ecd474
2c10f1d18b0ae512dd75695c1154f8e2d4a73c4d4c1954deea33269c2780a34c
2c3dd2af3dd9b9df55ed0306a801ae90aea41b215649ef643fe74d84f6ba4f83
2c67958321af4975ab888c0d7a8f877c1dd6ca1d0f62484cc0ebb989857b677f
35eae31f1edbc6a8a19d94108b90d41166fd13ac638cdb453be24237b97376ab
365839f78f08d794367c60ade2150ddeb9623745f3d0090f7ab64ef72d507b7c
37e4adcfbcce42746f62d981bead6c9008fceb24b0f52932dde9dcdec8c691c9
38aa2b64a9382b1b53a17bf0f14d6878978aa7cbc25ffceb17bc34acd0e9fb89
3a3b16b240941839f7c00bb8301ca12341542cd31f218fec0dc5adc6aa945ba9
3c87c809e60f7bf196887bfbc7c644df6ac4ea6ab8c2157121024c220feec807
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f24aa5e29a3626c93713d49868aff4d6bf8bfd3926fb97b8da71fe87d3fa4c3
3fc105e3ed8538af2d236793466a63e75558807dca6da3c6627d404c6a3cec47
40add70250698c9f609ac64b24eeb766e9f278f6be4fd1e5f37ad8b64f39261d
417ff25a921b685c79438b057440a5090d09557a46e070797aa53b94ce138954
42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631
43d3e2450f905c2218345fd8633cf4095ad4df8f144b36a24c29ad1c31d575a6
458f4c0f8d0b4db16fb6d11e922a11b41ff0473eb0e66b2c3a3b8629877578af
4597cc11e8807aad881e549eb32baa0a51c6a2650083a8efbc492cfb6813e15f
476c08e35ff1a75dec99a69c7968eaaa8dc4bace11c1899246dd23ef280731c5
490076e2016dc0369da94a9b87216802c8066536ffad55eb113ae4939f7a112b
491b971b83f9f72c1fafd08df729f81b0a898caf76f54dee0657c4726db8bd65
4d4d53565b487abb8ca0734422d8b7f74f28d3663be3ec6449cf6e782fdd7897
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8575879a3acc0eb2133535d31e2042d91b760cfa660c1d91fc1d5c4140ce27
505a404677249615ccbb9ae231e01cb53065ccc0831c062898c3332ffae8ad48
51c67cffce9721211b7791e56da33552e97e79403e0bdab0790d50f89fe25e51
559d9c78f1d07a7572f30e8e0d8921de20784b36a5362956dc0d0fc564688207
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f6a4768f112d6aadf377432f2d8ba76dd0ef08858d3492f130760d4dee72a1
5687f6efa5ec7a7260d86a3759ddb7637221022e0dbe8bdfe62b09fbf2eb83f0
59b233b1e5b32aba0a25fa6eff2a3067f65c2f454e2e89d3d37f55f643016d86
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
5b44eac830a5834187b3b105d2e0f7dae8ac7eac94deb09c2e8029f5ee23e0fc
5d438da208c0f8d8fabcb5ca99a69cad1520d32b892f22ec5b86221491ceaff2
5e5a94de853c1057705bdc6c5073252210879f65fa775a9113282585d09bf0f3
5ed6cf19eb395079549de43cf0d11116da52efc934c1a2366182b981b747eed3
5fe1f39d2897d22f4afd93a5200729505cd9d261df27218e9eba7199a0d33f25
613e7703528887ec639fbe5165b22ce6f72768a423ecd698f05e3ece6ce90ff4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dd546fc7355675c0f9795d5dd00ecf1ca7c01fd154009be7674a1be646159e
63862631b4b302889a01a4a7580190949eb577448d4743d180c32af369d1cd1b
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
682bb04c67cdff407e66ab8aa0b14030e2bc584ea89d1244b259d674dbce1a0f
68df0baa3cb0c1b2487547e3eb39dcd39741debb1b764fbe87e61dff868d6b9c
6a12e86762df56fee549a38bbcc9f65c71b1184a87bdac7b4117b9292b042724
6ab87d403383f4952057e5d962231bd1c9690bd65a07e1099121d8fb21f43e31
6bae33bfd98d7c0667c2940e469cf2f4630323b12e3b1709c11893f5753ea6dc
6c38242b49d72a797b1e1b1ba17e0a63e1955058f92d920d1dc6a2f615325abc
70260ef094479aac8c41f0d836a2344d51c398ab407e53a2d9ceafcb4c9dbec5
70919733331eaa791af6cf21f105f1813986921e256ad2b27e305fafaa38f9f5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72fee95d99db544bd23408376039e7bcd6be5a62a07455d803cdea5f09826522
734f7f5710e61ee9d7cd7b09bec687cc168451be3a08a96368161425899ac6cf
73a2bd6033c03ae2c73803cd86040666cb5ebdcfc5b295c997301d4bcb812d45
7854493c1ea4d008d1c1253f6775b69148172691754c3ee6bab019652b197f9c
78eb700cb99c31c9c7a897019e4fd564dc1a263142354827347fed4975c5ade1
796790011787f11d22433f6df05b65f731db83b99adc17abc78a53439777cbb8
798d7664432368ad28f52c5fa8a5b483c858536b7a287bfaaa482ad65d6ab181
7b432e2d4627c71e58721ed69cd1daa7db68e03f9d24f682d1559ad1e3339ccb
7c6232f7e5d3dc89db0fd7c31ab24f9738c838d3b0d521293a515e9c8d640930
7e454af03785e815c5751d97066722d3e1f3ce3fe15d77fb46a8ee85453ccae0
7fea3fd64483d40644ef2475fd06741ad5e37f62ca7b5579867d581f4c73eb29
80120183da3d98e2d1743b762768c95f0ef331b0eafa260b2dac5f17a1e80a8d
813866e86ad75fa92bd7cb5414adbf17a757c257ccb1c0ba8f643515f6949acc
81406883bcfa608ee01ab1e6732dc7be7ddc18033d5f74c6b368d3c3a395a9ce
8246ab022641fbdc93fe91b13f91fc90f9f4c83f95676cb77fe4cfa817a0fc10
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8507c101497074eec0941fda0097850c4bf4b7fbce5d58364170285dc3a56923
87282a0cd434aa5e9bc6fed44cf0c425d22033fa6de15415b5bca9c30c273a72
87326fddbe83e2e2257825f2a59160fbbd79387937443635222a2bbedef5d415
87f506f78e321364cdf702e5a4c01785d52e5fb6c5204d7af2052d845209984a
88ecf92326f1ff8da3d81eb38e1a84528de5661b7ec30b895ba82c43118380af
8a4b834bdca3eaa98f72633d954f121f3984ff8a6144fdc26f91a89589c84c83
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d0ab7244e1f1880ced8f1c54d49df6b12cf7c35058fe72ff99c0f656e4e7f3d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f07e91bcdb7d78af76dfd2a22f7e0069319dd639acffcf6c81e64b584682ff8
933d00215d72c5e7da6d6b7e3de5ae866a06c91db6004d7074ccff232a4450e9
9355d77f0bc5c3b82c87e7cf3b1aebffecb38a1bf4aad602b18730924e59f1c5
964c98c9cbd3e72bc6d5a081289113e03f67842c7b7a9e79d8fe2ccf83b71358
965594e7a0ad13cc9f91f30fe0f4803f4a4420c2b212cecc769616f7106c50ec
984dfdc51aca8f0f28efe79b3a445c8d810fa09494b9b5b1adf7b3ace9ecd78b
987f8f0f31093925c6c9e523795f9acaa718d4ff2dd36c0960837e1f2bd6e1b0
98df8a99289644025e27c571cfe215aa321319dc6dec429577f6ce6a75046645
9a1d9096d52a7b0df66eed04d6ee4ca39229bad41da981f127ed20d99be04f51
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7f1a9cefd53b91c9855c8bf3e0246197d9938c3fb9c605b9d436aec8860433
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a138af9bff3f5d020b4dd92a1031c1db5f34117f1acfd0b07262b10d0b09187c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a361cd9d61774df4e730ec0ca7669d201f3bd926adb47ac97fd22ab32c935de6
a3e68cfd41b06aa8e397840b14b3275466c1af26a833cdb9294f5d09006f7ace
a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9b66c4fdb97741c15171d0595ab754cdccb37cd67494fc1558315642db8beb8
aa3cc1cd2b0eb2e38ffeaa07affe9695ac3dc223caf306a032f3fb724fe24e37
acce3a3867515e58f283e0c165fb272a6505734056ef48130f241f29e5ecb728
ad581b9fc5dad93d828d6e179674fda43a906b99766a446ad1fee79837d005bd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aff5044598fc9b35c279d3faebe0bc11bac63cce1d4f7430ea29799a590fb67a
b000024822b9ff03155ccf7ce22a40ecb3e398047bf8d8e54e3d3690b0e0765b
b06133444a8abc33f325293499604e5500c06d5ecf3c4e4bcdf3e35ec8758001
b09b8621d60eb4eb4d4abdccdd6ebb1b96ba416d82dadc0d10b1a2f338ebd2d5
b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24
b25c7a627d4ad17b1142a0f7054af321a93005e31cccca89b62e721a257e83ad
b327fbba869f1d27f803ff0ec28e40cd5eccc3296042e988100b2996c74b9157
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b3e26bd3f9f3787bfbca8cbeb25bb18f94079945bbf635d42a2f2b0e0d3824a7
b7807a4aff09f38acd13cbe98b6b176284915dc567a08ff346295899b8232144
b8d6e469faf39e34a29f5e23ec95130f638228b4eed2ff9712620e1a3178641f
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bbaf4f31fb42d42b0a48ddc4584280871b0b2125d46113a319f334253c72069f
bfa3757b0b12ce7467cab7ac1006cb331839b07ac6148dbaafaa8ab36181736a
c0e4ad2704d0256c52c44773f280b0f8ee4b07bba6cc8a1d471e8cb83ad780f3
c10e4a00b58f25f24c8baa456c2ed0b9a4e78737673c5e712c7a65304631b259
c7e26992c153ce32d329005c1a4c55b59370e8708f1f9492d2ab89cf710e8da4
c8d7725fb10ed8713d4151041984f1916eec80edc8ae9287561c75bb6ee72231
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
cfe8bc2278f881adbad724cd23290fc912ceee3ae88fa44f47593e965c2865b9
d1f48c60b686a7496585c4188d6d8daff56b5f8589393a567a9356bef23155e0
d2d400314f9f432b5ef84f572a0e757355775fa4f7c9ef5b4485282c04dc825a
d365ac36564f5abd416a5900180391600d2246c054bffae0aee9d99292fbced4
d3687468688c34c510da02ac715fd4c18498c61ec8139959fc17a25c5839f0f4
d58feb3f4258baed38409e15bbbb193141e7d00dffa32d8d0eb21d7a5049d66f
d63a043c20196bc1059d5c2ef73316b7ceb55e5a80428c6fae13f85b6b899e84
d7cef1aa5757ca08b140bc78f0cb52f57d00f50e4c9b673e155a7937b432325f
d904a67086a38df9cdb00b789dde6057e2c963a3cbd50239fba21a72a65099d5
dcc29607c926fd6ef68c74c120990f9366d140b379c263201963dff2b363cd0a
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df8d4dce3a125f0aae35e7ed52f08be4fe3b2147b920a10cc8ca0afe369b2b25
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
e1ba0ed886231ec5fe0d736e0c736dfe0a149efff518a3036b3e104cb7b41d20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
e6fea926310537ae680f9587567921294e66513a5d5d8299dce854f91e5c53e3
eaff9867c0a50f7650f9756485a60565818b652fe116d75daae86b415a4011cc
ebcd418aeebf15be4b06905bcd70c96bd63068d8d5d3505ef1e1714477debcf1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeb005732182dceaa90346ef38802ea5d6478855c72de196954fb86dd623f23
f14da4331ba3dd43e90430ab6e446cf47e3ba334a3824907707967759b6b9500
f18f37f0de4c81362d51b4a754cb9613044604d3958c09744db3105106280c20
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
f6877f65f9fc453c8cf04a967c2d1c17fd84cb17bca2ea28c98005129348b81c
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7b87ca8f1c03690ef1698d9ce66f4e28d7ab0758052a5cee54bedf5bebd6a66
f7f01741c95888204e2f41823796beb7afd2302f55994fe5cba0904d8fb45878
f985e23afb2477c0b9eafef2ae4a4d969ed5668644133594f85484e00fc61497
fa7733a6615646ab657db7f98027148b388f14f18774f8878012bb3fe6ab8d29
ffdb921d0fdc037dcf222f0dcce84f8d6da834dae23a91be5a44c3ae8e816c0f