v1.liveisl.com Open in urlscan Pro
2a00:1450:4001:827::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://v3.fullhdmatch.live/
Effective URL:
http://v1.liveisl.com/
Submission: On October 18 via api (October 18th 2022, 6:27:29 pm UTC) from US — Scanned from DE

Summary HTTP 386 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 35 domains to perform 386 HTTP transactions. The main IP is 2a00:1450:4001:827::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is v1.liveisl.com.

This is the only time v1.liveisl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2a00:1450:400... 2a00:1450:4001:827::2013	15169 (GOOGLE) (GOOGLE)
6	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
27	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1 2	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:45e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
31	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	52.200.239.86 52.200.239.86	14618 (AMAZON-AES) (AMAZON-AES)
2	184.73.100.94 184.73.100.94	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	107.20.140.231 107.20.140.231	14618 (AMAZON-AES) (AMAZON-AES)
2	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
58	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	193.33.186.13 193.33.186.13	52148 (RACKSRV) (RACKSRV)
1	3.66.136.156 3.66.136.156	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:225... 2600:9000:2250:4800:0:a8f6:f880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
86	111.90.158.152 111.90.158.152	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
1 1	159.89.213.228 159.89.213.228	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
24	89.104.117.213 89.104.117.213	50340 (SELECTEL-MSK) (SELECTEL-MSK)
386	41

6 2a00:1450:4001:827::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

v3.fullhdmatch.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.liveisl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cdn.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m9m6e2w5.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8001::153 (United States) 1 redirects

ASN54113 (FASTLY, US)

ljii.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:45e2 (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.239.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-239-86.compute-1.amazonaws.com

analytics.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.73.100.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-100-94.compute-1.amazonaws.com

www.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.20.140.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-140-231.compute-1.amazonaws.com

partner.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.33.186.13 (United Kingdom)

ASN52148 (RACKSRV, GB)
PTR: web1.gambla.co.uk

mrfixitstips.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.136.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com

laligaexpert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.secure.espncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4800:0:a8f6:f880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.shaftscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

oaphoace.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

86 111.90.158.152 (Kajang, Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la

111.90.158.152	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.213.228 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

0wsr11478c3h1.play-flussonic.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 89.104.117.213 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

e1.play-flussonic.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	1 MB
27	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	328 KB
27	gstatic.com fonts.gstatic.com www.gstatic.com	333 KB
25	play-flussonic.cloud e1.play-flussonic.cloud Failed e2.play-flussonic.cloud Failed 0wsr11478c3h1.play-flussonic.cloud	5 MB
14	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 363	265 KB
14	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 ajax.googleapis.com — Cisco Umbrella Rank: 306	40 KB
13	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	418 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2668	40 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 8724	1 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 8726	119 KB
4	shareaholic.com analytics.shareaholic.com — Cisco Umbrella Rank: 20864 partner.shareaholic.com — Cisco Umbrella Rank: 25813	1 KB
4	stackpathcdn.com m9m6e2w5.stackpathcdn.com — Cisco Umbrella Rank: 22307	156 KB
4	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 565 i.clarity.ms — Cisco Umbrella Rank: 5274	25 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	234 KB
4	shareaholic.net cdn.shareaholic.net — Cisco Umbrella Rank: 23586 www.shareaholic.net — Cisco Umbrella Rank: 20535	13 KB
3	liveisl.com v1.liveisl.com	34 KB
3	fullhdmatch.live v3.fullhdmatch.live	37 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720	83 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	975 B
2	github.io 1 redirects ljii.github.io — Cisco Umbrella Rank: 356101	2 KB
2	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 14980	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	87 KB
2	typekit.net p.typekit.net — Cisco Umbrella Rank: 601 use.typekit.net — Cisco Umbrella Rank: 473	18 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 17901 s4.histats.com Failed	11 KB
2	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5406	198 KB
1	oaphoace.net oaphoace.net — Cisco Umbrella Rank: 85111	357 B
1	shaftscore.com static.shaftscore.com	502 KB
1	espncdn.com s.secure.espncdn.com — Cisco Umbrella Rank: 14626	182 KB
1	laligaexpert.com laligaexpert.com	50 KB
1	mrfixitstips.co.uk mrfixitstips.co.uk — Cisco Umbrella Rank: 326727	62 KB
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 18429	542 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	28 KB
0	Failed function sub() { [native code] }. Failed
0	bing.com Failed c.bing.com Failed
386	35

	Domain	Requested by
58	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
27	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
27	pagead2.googlesyndication.com	v3.fullhdmatch.live pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com cdn.ampproject.org v1.liveisl.com tpc.googlesyndication.com
24	e1.play-flussonic.cloud	v1.liveisl.com e1.play-flussonic.cloud
15	www.gstatic.com	googleads.g.doubleclick.net
14	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
13	fonts.googleapis.com	googleads.g.doubleclick.net v1.liveisl.com
12	fonts.gstatic.com	v3.fullhdmatch.live fonts.googleapis.com
9	www.googletagservices.com	googleads.g.doubleclick.net
8	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
5	adservice.google.com	pagead2.googlesyndication.com
5	adservice.google.de	pagead2.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.blogger.com	v3.fullhdmatch.live v1.liveisl.com
4	m9m6e2w5.stackpathcdn.com	cdn.shareaholic.net
4	www.googletagmanager.com	v3.fullhdmatch.live www.googletagmanager.com v1.liveisl.com
3	v1.liveisl.com	v1.liveisl.com ajax.googleapis.com
3	v3.fullhdmatch.live	v3.fullhdmatch.live
2	maxcdn.bootstrapcdn.com	v1.liveisl.com maxcdn.bootstrapcdn.com
2	i.clarity.ms	www.clarity.ms
2	partner.shareaholic.com	m9m6e2w5.stackpathcdn.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.shareaholic.net	cdn.shareaholic.net
2	analytics.shareaholic.com	m9m6e2w5.stackpathcdn.com
2	ljii.github.io	1 redirects v3.fullhdmatch.live
2	blogger.googleusercontent.com	v3.fullhdmatch.live v1.liveisl.com
2	connect.facebook.net	v3.fullhdmatch.live connect.facebook.net
2	s10.histats.com	v3.fullhdmatch.live s10.histats.com
2	www.clarity.ms	v3.fullhdmatch.live www.clarity.ms
2	pro.fontawesome.com	v3.fullhdmatch.live pro.fontawesome.com
2	cdn.shareaholic.net	v3.fullhdmatch.live v1.liveisl.com
1	0wsr11478c3h1.play-flussonic.cloud	1 redirects
1	oaphoace.net	v1.liveisl.com
1	static.shaftscore.com	v1.liveisl.com
1	s.secure.espncdn.com	v1.liveisl.com
1	laligaexpert.com	v1.liveisl.com
1	mrfixitstips.co.uk	v1.liveisl.com
1	ajax.googleapis.com	v1.liveisl.com
1	region1.google-analytics.com	www.googletagmanager.com
1	use.typekit.net	v3.fullhdmatch.live
1	ipapi.co	ljii.github.io
1	cdnjs.cloudflare.com	v3.fullhdmatch.live
1	p.typekit.net	client
0	e2.play-flussonic.cloud Failed	v1.liveisl.com
0	111.90.158.152 Failed	v1.liveisl.com
0	c.bing.com Failed
0	s4.histats.com Failed	s10.histats.com
386	47

This site contains links to these domains. Also see Links.

Domain
telegram.me
chat.whatsapp.com
ssl.gstatic.com
copybloggerthemes.com
www.blogger.com

Subject Issuer	Validity	Valid
cdn.shareaholic.net R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-28` - `2022-10-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.blogger.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.stackpathcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-04` - `2023-05-31`	a year	crt.sh
histats.com R3	`2022-09-30` - `2022-12-29`	3 months	crt.sh
shareaholic.com Amazon	`2022-06-01` - `2023-06-29`	a year	crt.sh
*.shareaholic.net R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.shareaholic.com R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.mrfixitstips.co.uk R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
laligaexpert.com R3	`2022-10-08` - `2023-01-06`	3 months	crt.sh
a.espncdn.com Entrust Certification Authority - L1K	`2022-08-30` - `2023-09-30`	a year	crt.sh
static.shaftscore.com Amazon	`2022-08-09` - `2023-09-07`	a year	crt.sh
oaphoace.net R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
*.play-flussonic.cloud R3	`2022-08-03` - `2022-11-01`	3 months	crt.sh

This page contains 47 frames:

Primary Page: http://v1.liveisl.com/
Frame ID: B3B552E44579BA21CDDE3BE3553EE7D0
Requests: 102 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html
Frame ID: C843813C3D94E985DA7DD3149B9C73DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&adk=1812271804&adf=3025194257&lmt=1666113798&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1666117639195&bpp=3&bdt=382&idt=245&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6044018443256&frm=20&pv=2&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=268
Frame ID: 02D845953DDFDB1DDDE55F392EB9838F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=2242244602&adf=2029293275&pi=t.ma~as.6901856940&w=1058&fwrn=4&fwrnh=100&lmt=1666113798&rafmt=1&format=1058x280&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117639199&bpp=3&bdt=387&idt=269&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044018443256&frm=20&pv=1&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ImimEoLhwG&p=http%3A//v3.fullhdmatch.live&dtd=274
Frame ID: E7425C47E2E8CCE24614BE0EB1632EEE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=90&slotname=8770876385&adk=2790283832&adf=3278629357&pi=t.ma~as.8770876385&w=300&lmt=1666113798&format=300x90&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117639205&bpp=1&bdt=393&idt=273&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280&nras=1&correlator=6044018443256&frm=20&pv=1&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoenEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=m3UUxSgejr&p=http%3A//v3.fullhdmatch.live&dtd=283
Frame ID: 555E17C42DDFF74F91D0C2BC1574C1D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4932437216&adk=145586122&adf=507318885&pi=t.ma~as.4932437216&w=300&lmt=1666113798&format=300x600&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117639206&bpp=1&bdt=393&idt=291&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90&nras=1&correlator=6044018443256&frm=20&pv=1&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1029&ady=649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=G7A6y1BS4D&p=http%3A//v3.fullhdmatch.live&dtd=295
Frame ID: 6F250F3B79BFBC43F125D0C10CADAB45
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
Frame ID: D4B459F03EE7E1E2DB2682A4B2FA2DB7
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
Frame ID: B0D01D3FF70826F4DADD308E9FB37782
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/error_handler.js
Frame ID: 96D0BE4B72E2FAC385C9A61A131D67B2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6E4B0BDB2B3BC6BC20668B77E7E8D8B1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: F5F256124731036517868B69CDCFE13B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: ADB12C7CD3504D52D3E7DE971C37AB9B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED471BBC5FA6E29C363BA0084CE597AD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD15E5B550522097932354E7F0F44B3E
Requests: 1 HTTP requests in this frame

Frame: http://111.90.158.152/smarg/embed.html?proto=dash
Frame ID: B6F42472706B85C91FBE8F35AD000734
Requests: 1 HTTP requests in this frame

Frame: http://111.90.158.152/smarg/embed.html?proto=dash
Frame ID: FDC7FDF7631C2C62E46C58DA5FBF5A23
Requests: 1 HTTP requests in this frame

Frame: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Frame ID: 9B16D180C307824B77EAF7A77B981183
Requests: 1 HTTP requests in this frame

Frame: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Frame ID: C7B06CC0712229C23FC72F60ECA83480
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html
Frame ID: 9E85BCEB4599C2D9A5DADD5B80829FE2
Requests: 1 HTTP requests in this frame

Frame: http://111.90.158.152:8080/mlaliga/embed.html
Frame ID: E2B6D2B8A0F00801CBEAB9F17E7D2709
Requests: 1 HTTP requests in this frame

Frame: http://111.90.158.152:8080/mlaliga/embed.html
Frame ID: 0FC51F71E865A0BD4A9CB508546372DE
Requests: 1 HTTP requests in this frame

Frame: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Frame ID: 8E949A52977ADA30BD561858F51CB9C6
Requests: 1 HTTP requests in this frame

Frame: https://e2.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Frame ID: CE6A91833FE858C617FCC33D7DCBB309
Requests: 1 HTTP requests in this frame

Frame: http://111.90.158.152/smarg/embed.html?proto=dash
Frame ID: 00E8A173347146967D32DF8B1F45AED7
Requests: 1 HTTP requests in this frame

Frame: http://111.90.158.152/smarg/embed.html?proto=dash
Frame ID: 77D751E0E9B1448732DEEF65A68C2D7C
Requests: 1 HTTP requests in this frame

Frame: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Frame ID: 407CA7454423867E85615AAD31E52019
Requests: 21 HTTP requests in this frame

Frame: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Frame ID: 7E822332BCB7DEDF311401ED92F7197F
Requests: 25 HTTP requests in this frame

Frame: http://111.90.158.152:8080/mlaliga/embed.html
Frame ID: C6485D561E9D13DAA4A1131FD2E05DCD
Requests: 18 HTTP requests in this frame

Frame: http://111.90.158.152:8080/mlaliga/embed.html
Frame ID: C265B56D7051E052BFA4A0EFD658AF25
Requests: 19 HTTP requests in this frame

Frame: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Frame ID: 2E4D9683F2FDA2EE8FDA76B93E0ECE58
Requests: 24 HTTP requests in this frame

Frame: https://e2.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Frame ID: 1945FB1A9CC168ECD577ED7C892F6263
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&adk=1812271804&adf=3025194257&lmt=1666115423&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fv1.liveisl.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1666117641737&bpp=4&bdt=233&idt=427&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4620595806669&frm=20&pv=2&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=452
Frame ID: 8733C34A07CECD0E4FE4F33B6CEE3E28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472
Frame ID: D5061E22F818D8289AA847BF9099B465
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278
Frame ID: 3C13138EAE1F148D6E10EE680DAE61C3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285
Frame ID: 02558EAA8A544AC139A8AAA1C398755A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=250&slotname=1735524661&adk=2414387011&adf=2333964761&pi=t.ma~as.1735524661&w=300&lmt=1666115423&format=300x250&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641985&bpp=1&bdt=480&idt=323&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&xpc=tXXvPppXDk&p=http%3A//v1.liveisl.com&dtd=326
Frame ID: 36E21E6C3C5036E44E23EB6F6E9E7506
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287
Frame ID: 3E290232E7488911AD6B7089F9F4B0B3
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: 19B5B435D1D42D907695C87EA1EE485A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: CC864B4940CE760D9C1254723F2CE795
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
Frame ID: DB88D382ED810C472DF199FD2B2FF38D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
Frame ID: 828115E91945AE5A4FCCA1A6E00C89C1
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: 34D8D74D57F2C3D651F3F8E9D00D82FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: F83CF4F22801AE4CA5CEF473B5373DF7
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 76586421BE09E27CC8118195BE9AD800
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: 78C5E02FBE234A2103529333375EB31A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F143E67F363E887ED32CECF8ED8B3D2B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC547A5A6705298760DBCDB57A0E6CCD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LiveISL.com▷FUTBOL TV EN VIVO - Ver Partidos de futbol gratis en vivo online y tus Deportes favoritos▷FUTBOL TV EN VIVO - Ver Partidos de futbol gratis en vivo online y tus Deportes favoritos▷FUTBOL TV EN VIVO - Ver Partidos de futbol gratis en vivo online y tus Deportes favoritos▷FUTBOL TV EN VIVO - Ver Partidos de futbol gratis en vivo online y tus Deportes favoritos▷FUTBOL TV EN VIVO - Ver Partidos de futbol gratis en vivo online y tus Deportes favoritos▷FUTBOL TV EN VIVO - Ver Partidos de futbol gratis en vivo online y tus Deportes favoritos▷FUTBOL TV EN VIVO - Ver Partidos de futbol gratis en vivo online y tus Deportes favoritos▷FUTBOL TV EN VIVO - Ver Partidos de futbol gratis en vivo online y tus Deportes favoritos

Page URL History Show full URLs

http://v3.fullhdmatch.live/ Page URL
http://v1.liveisl.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

386
Requests

68 %
HTTPS

71 %
IPv6

35
Domains

47
Subdomains

41
IPs

7
Countries

24568 kB
Transfer

39110 kB
Size

26
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.me/newtv12
Title: Join us on Telegram

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/b4xklzlqnzr8v7s0lixdz2%22
Title: Join Whatsapp Group

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/B4xklZlqNZr8V7s0LIXdz2
Title: Join Whatsapp Group

Search URL Search Domain Scan URL

URL: https://telegram.me/newtv11
Title: Join us on Telegram

Search URL Search Domain Scan URL

URL: https://ssl.gstatic.com/onebox/media/sports/logos/0iShHhASp5q1SL4JhtwJiw_96x96.png

Search URL Search Domain Scan URL

URL: https://copybloggerthemes.com/
Title: Copy Blogger Themes

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://v3.fullhdmatch.live/ Page URL
http://v1.liveisl.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://ljii.github.io/m/m.js HTTP 301
https://ljii.github.io/m/m.js

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 120

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=AEF80FFACDDE446890497A94D9D85FA8&RedC=c.clarity.ms&MXFR=2ED97E9C20A1683F29636CDD24A16690

Request Chain 145

http://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900 HTTP 307
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900

Request Chain 146

http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css HTTP 307
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Request Chain 162

https://0wsr11478c3h1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash HTTP 302
https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

Request Chain 165

https://0wsr11478c3h1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash HTTP 302
https://e2.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

Request Chain 172

https://0wsr11478c3h1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash HTTP 302
https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

Request Chain 173

https://0wsr11478c3h1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash HTTP 302
https://e2.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

386 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
v3.fullhdmatch.live/ 156 KB
32 KB 475ms
256ms Document
text/html 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://v3.fullhdmatch.live/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

08c03c0c23991313191d271c06e0b7a4ec091b72e08fefc9b438dc4e052ef236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 32307
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Oct 2022 18:27:18 GMT
ETag: W/"75ffd23d7af87d71c6b0d9396faf51af0cb00592f50f7a58a91668d492111b1a"
Expires: Tue, 18 Oct 2022 18:27:18 GMT
Last-Modified: Tue, 18 Oct 2022 17:23:18 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 shareaholic.js Show response
cdn.shareaholic.net/assets/pub/ 10 KB
5 KB 46ms
13ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by: Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 53c311faa86a6220eedcc8ca4329e87c2b28f84a47f0b41f9c04937790ae93ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:18 GMT
content-encoding: gzip
last-modified: Mon, 03 Oct 2022 22:06:54 GMT
server: nginx
x-amz-request-id: K87N5EG892W3A30P
etag: "c3860fcea29c634ad082b216015eaa52"
x-hw: 1666117638.cds109.fr8.hn,1666117638.cds285.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1200, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 4286
x-amz-id-2: SRsVLrZJkEYb+K+U6HYZEII1FkjnMJ9k8qD0boJ9jURJLeILCiFoXghtpoeObRaXGloUbVlJ3QA=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
43 KB 62ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128386009-12

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00c5b1e788c31532c637e8ba691112a4e40d0d4c7d657eb7e4428f9fca53a70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43045
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Oct 2022 18:27:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
74 KB 40ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TE2HPRNHSJ

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7520a8d8815d763f4cdd78661b5daa06f0cc2d631e33313b2e8362cb8bdb993b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76145
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Oct 2022 18:27:19 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.3/css/ 170 KB
32 KB 94ms
40ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by: Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 17:21:37 GMT
server: cloudflare
x-amz-request-id: N0PKCPQ3PM6RBAKC
age: 3059478
etag: W/"a28e912c1a41becec7f68848d739d5c0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 75c353cafbe95c1a-FRA
x-amz-id-2: aw82ywh73IhwmplNnVd7b/nDyVQAVGqcyke+YhYpb/IPlIs5X/3FQDESsKxQEcR4urJjHIigMtM=

GET
H2 200 d83chgwc9t Show response
www.clarity.ms/tag/ 2 KB
2 KB 402ms
111ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/d83chgwc9t
Requested by: Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f64ee7777b9e05b8ae362ec6cc59591c7c173601ca863918c98e5bad116d35f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: application/x-javascript
date: Tue, 18 Oct 2022 18:27:18 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0B/BOYwAAAADFzVPNWHkFTL215x1FDIY6QU1TMDRFREdFMTkwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 74ms
17ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:17:38 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
x-iplb-request-id: B2A2D181:B476_2E69C9F0:0050_634EF007_1C7A2:2DABD
etag: W/"-375139978"
x-iplb-instance: 32087
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4547
x-request-id: 960757978

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 201ms
7ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=byr0bra&ht=tk&f=6846.15528.15529.15530&a=4009364&app=typekit&e=css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 66ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6301c3dabe488c9e57eedc4771863805e246b0c0e5d5850e80bd897694f9e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 58121
X-XSS-Protection: 0
Server: cafe
ETag: 14735226309675999109
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 18 Oct 2022 18:27:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 122ms
43ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

197fc21fc05fe1d5a71a73a4ed44906c7846b77eaf22f7592b9901268123eb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55043
x-xss-protection: 0
server: cafe
etag: 11097779110327624030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:27:19 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 34ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f711182c4381f0b702671ce864c0e634d6233ebb4698633aa42171e82f702338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://v3.fullhdmatch.live/
Origin: http://v3.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 18:27:19 GMT
content-md5: mdZtyVqBKRuctB1e3moZ0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: Lymv1kKO2lRx6dzV0gXU7Rb+g+TSX+2pk+piOgKAdgG4TQn0jlF/pNZb8dVZV/bHoUUsAu/XmmeVE1TWhFJL+Q==
x-fb-trip-id: 686109401
x-fb-content-md5: 04af678c95afb3063d8950c38f340df9
cross-origin-opener-policy: same-origin-allow-popups
etag: "13cf4e7561a00afe3c2f7e03a74a4c27"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Tue, 18 Oct 2022 18:30:16 GMT

GET
H2 200 AVvXsEhTbmPn3y_gcOLrV74mmAKLL-FVtw4fLibkON773KoSrRDlRQXtHFGU7yE4HPeJPXL0RVDCHrwU9vVFBr5OrkGNUhZ_fqhPX6cRR8sMyE32QI9vjt7UULmBf2gbiUB2o9KtG5X550cFv1FoaVfs-NayJ114LIP7lJl_LJPzRxRkFL_eSCZ6R1_BHhuiFA=s150
blogger.googleusercontent.com/img/a/ 3 KB
3 KB 354ms
275ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhTbmPn3y_gcOLrV74mmAKLL-FVtw4fLibkON773KoSrRDlRQXtHFGU7yE4HPeJPXL0RVDCHrwU9vVFBr5OrkGNUhZ_fqhPX6cRR8sMyE32QI9vjt7UULmBf2gbiUB2o9KtG5X550cFv1FoaVfs-NayJ114LIP7lJl_LJPzRxRkFL_eSCZ6R1_BHhuiFA=s150

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3db460c0f0d9a415a5d2bbd7f2894e985a7bcc2afd8b00eb6496cc1b713cb962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v14d7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3183
x-xss-protection: 0
expires: Wed, 19 Oct 2022 18:27:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 97ms
45ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8695615805843515

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df1976c55f3a24537a5154471fae69a728a41592b621336e4f41c0f6298c1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Origin: http://v3.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55054
x-xss-protection: 0
server: cafe
etag: 15754382621156774356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:27:19 GMT

GET
H2

200

m.js Show response
ljii.github.io/m/
Redirect Chain

http://ljii.github.io/m/m.js
https://ljii.github.io/m/m.js

2 KB
1 KB

57ms
8ms

Script
application/javascript

2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ljii.github.io/m/m.js

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Server

2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

2210d7f2fdcb4c59037b12206d575f736bcc20aae48f3a6936231594c93a3302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-fastly-request-id: 2c69bd7423e67248a8a78c683501855b70a28086
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Oct 2022 18:27:18 GMT
age: 585
x-cache: HIT
x-cache-hits: 7
x-proxy-cache: HIT
content-length: 937
x-served-by: cache-fra19124-FRA
last-modified: Tue, 18 Oct 2022 09:55:14 GMT
server: GitHub.com
x-github-request-id: 080E:5487:246D6C8:25A01FB:634E7819
x-timer: S1666117639.988630,VS0,VE1
etag: W/"634e7802-7e0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 18 Oct 2022 10:05:33 GMT

Redirect headers

X-Fastly-Request-ID: d22b8a3c7724665f3ad94cd5f55f27bbf5883297
Date: Tue, 18 Oct 2022 18:27:18 GMT
Via: 1.1 varnish
Age: 831
X-Cache: HIT
Connection: keep-alive
Content-Length: 162
X-Served-By: cache-fra19156-FRA
Server: GitHub.com
X-GitHub-Request-Id: 0857:129C:3037423:31D482E:634EECC8
X-Timer: S1666117639.931375,VS0,VE2
Vary: Accept-Encoding
Content-Type: text/html
Location: https://ljii.github.io/m/m.js
permissions-policy: interest-cohort=()
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 40ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4749932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDc3SmELKnFjNdho%2BtlH9Gl08U9Gcfpj1IzqLXrngcRbCePRONyWMy8h6ZL48TSt%2FYPowTUR4ubxci5ZsxQJvuLtIixzJHsyxZpf40Rn9M9U757%2Bc9jXDMUmuWX8VStm4dwv9ePEGVisgb517mLvPtEt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75c353cbebf9bb37-FRA
expires: Sun, 08 Oct 2023 18:27:19 GMT

GET
H/1.1 200
OK cookienotice.js Show response
v3.fullhdmatch.live/js/ 6 KB
3 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://v3.fullhdmatch.live/js/cookienotice.js

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Oct 2022 16:51:29 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Tue, 25 Oct 2022 18:27:19 GMT

GET
H2 200 1583485740-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 117ms
23ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1583485740-widgets.js

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37512059e7516519ceed7ba00ca5d7523cc5d15ca922435b692ac3678bad5496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 08:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56805
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 06:52:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 18 Oct 2023 08:29:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 94ms
17ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128386009-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4282
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 19:15:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TE2HPRNHSJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128386009-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0f4d5c2876c80d64a5a08bb895553b12aa17ce4638a83b00728cb005ea93da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76148
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Oct 2022 18:27:19 GMT

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ 165 KB
165 KB 61ms
30ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-regular-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: http://v3.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
cf-cache-status: HIT
x-amz-request-id: 503AKVAR42W5RHVE
age: 89809
content-length: 168768
x-amz-id-2: 1V4/hVGD7FI1WbhDIsb6U7V3xKxF3AuLU7F/ILNG041XISHvOI4WI90tvGrvQKAzqC8S7Y3HGJM=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "d8689b99dce7c881d3130f3c91cfefdf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 75c353cc5f095c14-FRA

GET
H2 200 6xKudSxYI9__J9CYLUv0BnYASA.woff2
fonts.gstatic.com/s/sen/v2/ 10 KB
10 KB 88ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v2/6xKudSxYI9__J9CYLUv0BnYASA.woff2

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Origin: http://v3.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 09:05:13 GMT
x-content-type-options: nosniff
age: 552126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:38:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 09:05:13 GMT

GET
H2 200 6xKjdSxYI9_3nPWNAGn5LA.woff2
fonts.gstatic.com/s/sen/v2/ 10 KB
10 KB 78ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v2/6xKjdSxYI9_3nPWNAGn5LA.woff2

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Origin: http://v3.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 07:45:52 GMT
x-content-type-options: nosniff
age: 384087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10108
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:43:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Oct 2023 07:45:52 GMT

GET
H/1.1 200
OK sprite_v1_6.css.svg
v3.fullhdmatch.live/responsive/ 7 KB
3 KB 40ms
27ms Other
image/svg+xml 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://v3.fullhdmatch.live/responsive/sprite_v1_6.css.svg

Requested by

Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Oct 2022 08:51:56 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/svg+xml
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2244
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Tue, 25 Oct 2022 18:27:19 GMT

GET
H2 200 main.js Show response
m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/ 148 KB
41 KB 103ms
11ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/main.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0419e69120a1482daf1f15c02e3f33243fdb086d90cbb69d3bab8aa4de064056

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: gzip
last-modified: Mon, 03 Oct 2022 22:06:50 GMT
server: nginx
x-amz-request-id: K87QD2K8DXHZWH5P
etag: "cdf3dea93c7b2a9f7a21e20e85edc782"
x-hw: 1666117639.cds012.fr8.hn,1666117639.cds228.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 41827
x-amz-id-2: GTUlIra7KWNBKe1Yl5neNCwH6a9gfP8X2Uu3AKXKMFbKc0/VLejwjV/nMHwRHok7L7gVAFqKONU=

GET
H2 200 country_name Show response
ipapi.co/ 7 B
542 B 274ms
225ms Fetch
text/plain 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/country_name

Requested by

Host: ljii.github.io
URL: http://ljii.github.io/m/m.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80db4ccdca106d37b920206331fcfe3e9e50a9e763d89b54ce3ad5ac8cf30f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, Origin
allow: GET, HEAD, POST, OPTIONS, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://v3.fullhdmatch.live
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHtYeImDr4CzUbcX7MzC%2FRTPr6fzUcpgmHzZR%2BIaMaSN4CIhILvd4gv5THUFc6ABDvmccmWCEmpPRPRS0%2FaES4oDMrME%2BaRoKYpl6NCagkA7j23GCPCPRr6u8O8BSZfJQ%2FJb6OPm"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 75c353cc9ae1bb89-FRA
content-length: 7

GET
H2 200 l
use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/ 18 KB
18 KB 66ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: v3.fullhdmatch.live
URL: http://v3.fullhdmatch.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415

Request headers

Referer: http://v3.fullhdmatch.live/
Origin: http://v3.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
server: nginx
etag: "e2418760f00448874f89ae40256bf9d1d180c197"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18512

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 20ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c591632670d342883d29399b7ac43253

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f1e1dbea60536b45ce0a89366505945bb7dc4d38afdb97f34230de0869025771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://v3.fullhdmatch.live/
Origin: http://v3.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 18:27:19 GMT
content-md5: 5VCfMoewRVCi7YkEcCPpvA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86935
x-fb-rlafr: 0
x-fb-debug: /lnrBCpP1G573cqDcwJBj+WZVFmOrYH/qdfybkXLOwGRbYsc6YqkI+leFaFvo7vW+ZF3yHH/xuRjYdwo6RalpQ==
x-fb-content-md5: 7a4483eed9341559f0c660c2e435d20b
cross-origin-opener-policy: same-origin-allow-popups
etag: "150cbb9485d9297cd594c1237d4f260b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 18 Oct 2023 17:26:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 353 KB
116 KB 103ms
74ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8695615805843515&plah=v3.fullhdmatch.live

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4b61957a7f81c371fcb736ae466bb791a3bb7f4b04f7dbc314d5311c268b18e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118722
x-xss-protection: 0
server: cafe
etag: 9858308648203831227
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:27:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/ Frame C843 10 KB
5 KB 55ms
14ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:12:32 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:12:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET 0.php
s4.histats.com/stats/ 0
0

GET
H2 200 cc_511.js Show response
s10.histats.com/counters/ 15 KB
6 KB 54ms
16ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_511.js
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:17:49 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
etag: "1364484781"
content-type: application/javascript; charset=UTF-8
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 5984
x-request-id: 799769172

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 66ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TE2HPRNHSJ&gtm=2oeah0&_p=1359530120&cid=879531801.1666117639&ul=en-us&sr=1600x1200&_s=1&sid=1666117639&sct=1&seg=0&dl=http%3A%2F%2Fv3.fullhdmatch.live%2F&dt=FullHDMatch.Live%20%7C%20Watch%20Live%20Football%20Match%20%3B%20Highlights%20%7C%20Watch%20Full%20Football%20Matches&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE2HPRNHSJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://v3.fullhdmatch.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 56ms
28ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1359530120&t=pageview&_s=1&dl=http%3A%2F%2Fv3.fullhdmatch.live%2F&ul=en-us&de=UTF-8&dt=FullHDMatch.Live%20%7C%20Watch%20Live%20Football%20Match%20%3B%20Highlights%20%7C%20Watch%20Full%20Football%20Matches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=577343109&gjid=1474774843&cid=879531801.1666117639&tid=UA-128386009-12&_gid=1864351887.1666117639&_r=1&gtm=2ouah0&z=2146197422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://v3.fullhdmatch.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://v3.fullhdmatch.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 50ms
28ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1359530120&t=pageview&_s=1&dl=http%3A%2F%2Fv3.fullhdmatch.live%2F&ul=en-us&de=UTF-8&dt=FullHDMatch.Live%20%7C%20Watch%20Live%20Football%20Match%20%3B%20Highlights%20%7C%20Watch%20Full%20Football%20Matches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=870641734&gjid=880859069&cid=879531801.1666117639&tid=UA-128386009-12&_gid=1864351887.1666117639&_r=1&_slc=1&z=1599355804

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://v3.fullhdmatch.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://v3.fullhdmatch.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 e
analytics.shareaholic.com/ 43 B
382 B 321ms
100ms Ping
image/gif 52.200.239.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.239.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-239-86.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: http://v3.fullhdmatch.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:19 GMT
content-security-policy: referrer always
vary: Origin
content-type: image/gif
access-control-allow-origin: http://v3.fullhdmatch.live
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 49dbc561232684067adc2160963ff9c6.json Show response
www.shareaholic.net/config/ 4 KB
2 KB 285ms
93ms XHR
application/json 184.73.100.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/49dbc561232684067adc2160963ff9c6.json
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-100-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ccd269eaad41f7da4278132de69c6f5006b1b25370e9dc4d6f38b9e9ef90e6ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-client-geo-country: DE,Deutschland
date: Tue, 18 Oct 2022 10:13:18 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0)
x-client-geo-metrocode
content-length: 1356
x-client-geo-region
server: nginx
etag: W/"ccd269eaad41f7da4278132de69c6f50"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
x-varnish: 616889509 608561489
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-city
x-client-geo-zip
access-control-max-age: 2000
accept-ranges: bytes
access-control-allow-headers: *
x-client-geo-latlong: 51.299300,9.491000

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
701 B 58ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=v3.fullhdmatch.live&callback=_gfp_s_&client=ca-pub-8695615805843515&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8695615805843515&plah=v3.fullhdmatch.live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4beedc60b96b54bcb461514a9ef3cf3aac4a650cc5b5ae7dacb56086c713160c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 89ms
34ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=v3.fullhdmatch.live

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 58ms
22ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=v3.fullhdmatch.live

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 02D8 267 KB
59 KB 660ms
627ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&adk=1812271804&adf=3025194257&lmt=1666113798&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1666117639195&bpp=3&bdt=382&idt=245&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6044018443256&frm=20&pv=2&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=268

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef2116475431e0880e17c8e61c46f01a112ce8c57f55ead481d3183e7e0d3c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 59959
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:20 GMT
expires: Tue, 18 Oct 2022 18:27:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E742 97 KB
33 KB 818ms
795ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=2242244602&adf=2029293275&pi=t.ma~as.6901856940&w=1058&fwrn=4&fwrnh=100&lmt=1666113798&rafmt=1&format=1058x280&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117639199&bpp=3&bdt=387&idt=269&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044018443256&frm=20&pv=1&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ImimEoLhwG&p=http%3A//v3.fullhdmatch.live&dtd=274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc6e8968ddd4b60324624cbec0c6109dafa5d300c2a1110b4585cda76c45139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33424
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:20 GMT
expires: Tue, 18 Oct 2022 18:27:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 555E 436 B
235 B 257ms
248ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=90&slotname=8770876385&adk=2790283832&adf=3278629357&pi=t.ma~as.8770876385&w=300&lmt=1666113798&format=300x90&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117639205&bpp=1&bdt=393&idt=273&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280&nras=1&correlator=6044018443256&frm=20&pv=1&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoenEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=m3UUxSgejr&p=http%3A//v3.fullhdmatch.live&dtd=283

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f939f3939e6b712078490af7ea310a7323c7c6071d9d40d87dd64b9c2142c559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:19 GMT
expires: Tue, 18 Oct 2022 18:27:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F25 64 KB
12 KB 991ms
990ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4932437216&adk=145586122&adf=507318885&pi=t.ma~as.4932437216&w=300&lmt=1666113798&format=300x600&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117639206&bpp=1&bdt=393&idt=291&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90&nras=1&correlator=6044018443256&frm=20&pv=1&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1029&ady=649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=G7A6y1BS4D&p=http%3A//v3.fullhdmatch.live&dtd=295

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14eba6d81888442a920651520a43bad2247f6baef2d9c6e8a6bc46971178083a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12035
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:20 GMT
expires: Tue, 18 Oct 2022 18:27:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-c/s/0.6.42/ 53 KB
23 KB 102ms
102ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-c/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/d83chgwc9t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8e1772970c9d4"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0B/BOYwAAAABoH7X3zZyoQ5j+8BapIBDfQU1TMDRFREdFMTkwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 buttons.js Show response
m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/ 179 KB
37 KB 13ms
13ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/buttons.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8123dc2bf66e2ac6977d94fe97c53156eeccde550b99431793c630e765897aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:19 GMT
content-encoding: gzip
last-modified: Mon, 03 Oct 2022 22:06:50 GMT
server: nginx
x-amz-request-id: K87KX5DZ3K2JV1FN
etag: "49e3d95d37cfa985c04180587e25647b"
x-hw: 1666117639.cds012.fr8.hn,1666117639.cds004.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 37579
x-amz-id-2: QcId8CFo5Zdm964rH7sV9qNV7j1bLZLu88hMuZQKgH/qbLt+cH7Jlb63uuDidJUKRywCaU+hM6o=

GET
H2 200 partners.js Show response
partner.shareaholic.com/ 0
265 B 330ms
107ms Script
application/javascript 107.20.140.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fv3.fullhdmatch.live%2F&canonical=http%3A%2F%2Fv1.liveisl.com%2F&cl=es&id_sync=99277c79-5f4d-48c6-adfa-ae58c020ea9c&pvs=1&site=49dbc561232684067adc2160963ff9c6
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.140.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-140-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:20 GMT
vary: Accept-Encoding, User-Agent
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
160 B 529ms
198ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://v3.fullhdmatch.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: http://v3.fullhdmatch.live
date: Tue, 18 Oct 2022 18:27:19 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 151 KB
54 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5670c5f23a28f85b4e0db49aa2258084e7ca0a0f2634cbfcea0709dede7d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55062
x-xss-protection: 0
server: cafe
etag: 125320347866529335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:27:20 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 81ms
26ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=v3.fullhdmatch.live

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 74ms
23ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=v3.fullhdmatch.live

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/ Frame D4B4 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:08:12 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:08:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/ Frame B0D0 10 KB
4 KB 15ms
15ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:08:12 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:08:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame D4B4 7 KB
3 KB 81ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24990b0f369ea0118c5422ecd9f8e32c7396494bd79534d3b94994776c1f7fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3294
x-xss-protection: 0
server: cafe
etag: 14289603424516195473
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 19:11:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame D4B4 4 KB
709 B 84ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:27:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:20 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D4B4 205 B
294 B 75ms
21ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:21:15 GMT
x-content-type-options: nosniff
age: 3965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Oct 2023 17:21:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D4B4 604 B
1 KB 68ms
14ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:20:18 GMT
x-content-type-options: nosniff
age: 4022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Oct 2023 17:20:18 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/elements/html/ Frame D4B4 19 KB
9 KB 77ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8235
x-xss-protection: 0
server: cafe
etag: 7715946797152839796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 18:05:42 GMT

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame B0D0 7 KB
3 KB 73ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24990b0f369ea0118c5422ecd9f8e32c7396494bd79534d3b94994776c1f7fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3294
x-xss-protection: 0
server: cafe
etag: 14289603424516195473
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 19:11:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B0D0 8 KB
1 KB 74ms
28ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:40:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0D0 152 KB
47 KB 78ms
25ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:20 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame B0D0 33 KB
14 KB 61ms
16ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E742 8 KB
895 B 76ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=2242244602&adf=2029293275&pi=t.ma~as.6901856940&w=1058&fwrn=4&fwrnh=100&lmt=1666113798&rafmt=1&format=1058x280&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117639199&bpp=3&bdt=387&idt=269&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044018443256&frm=20&pv=1&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ImimEoLhwG&p=http%3A//v3.fullhdmatch.live&dtd=274

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:33:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame E742 2 KB
902 B 122ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 17:14:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame E742 23 KB
9 KB 104ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 12:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:02:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame E742 3 KB
1 KB 94ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 17:21:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame E742 17 KB
7 KB 100ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:39:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E742 152 KB
46 KB 76ms
24ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:20 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame E742 33 KB
13 KB 73ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E742 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnC5LB_BOY66uIcOVywW3hpS4B-CfwdNsq526hvkPrpiFhdIuEAEg56LCS2CVwqaCsAegAeenmN8CyAEJqQIHK1nUeXywPqgDAcgDywSqBOABT9D5boOLQuwXIC5MdjZ_hx5QpEIKlhvAR_S6P6Riy8M1lcsqOFmoCm3Y6r3yZRYAmbBhw_8hMD-JBe0M5TvBAvhHx5DDGgVJ9XlGMqsKEKKjNMPNnThyZanJsYhbCutZETtYNUAR2KrEEc0eRodFxZpkRW0LgDiTkfmNpaYgIEwDiSzyjzh2q-f-eGc28o0XLsh_yLVEgpaRMaGnX7UaMhhXPGalZbSwO9LYbxOes-38oCfNjqakOByAnhZqqcy7OOMAabCkV-XuNyHjq5bcIKSBM3Hq85a8dZSfHnP2oRLABMXS4dDjA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeB2OegAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJCFCtIIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTg2OTU2MTU4MDU4NDM1MTUYAA&sigh=JJriMotv3Ck&uach_m=[UACH]&cid=CAQSGwDq26N9-J0p0dV10AYx_-OKY9UIPysn5nCpHRgBIA4&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=2242244602&adf=2029293275&pi=t.ma~as.6901856940&w=1058&fwrn=4&fwrnh=100&lmt=1666113798&rafmt=1&format=1058x280&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117639199&bpp=3&bdt=387&idt=269&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044018443256&frm=20&pv=1&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ImimEoLhwG&p=http%3A//v3.fullhdmatch.live&dtd=274
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:27:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 18:27:20 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2664815176595261024/ Frame E742 18 KB
18 KB 63ms
25ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2664815176595261024/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

914ed31c7f957f4e8dbf859a17327018ece2bdbe265221081f9883209315b61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 09:44:22 GMT
x-content-type-options: nosniff
age: 549778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18337
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:38:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 09:44:22 GMT

GET
DATA 200
OK truncated
/ Frame E742 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E742 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 96D0 7 KB
3 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24990b0f369ea0118c5422ecd9f8e32c7396494bd79534d3b94994776c1f7fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3294
x-xss-protection: 0
server: cafe
etag: 14289603424516195473
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 19:11:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 96D0 8 KB
895 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:11:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 96D0 152 KB
46 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:20 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 96D0 33 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 subresource.wbn
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame B0D0 0
86 KB 43ms
14ms Other
application/webbundle 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/subresource.wbn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87739
x-xss-protection: 0
server: cafe
etag: 17000915530602879223
vary: Accept-Encoding
content-type: application/webbundle
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 18:06:00 GMT

GET
H/1.1 200
OK load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame B0D0 2 KB
2 KB 38ms
38ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

788b4b39048d65197e129cde12a0318b15613d13cbaf3b6dd35b5fd91e8be6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B0D0 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CguIlB_BOY6j-IMGLygXYvpPQA9_S2P5s_tnUld4Qhbbpz8gCEAEg56LCS2CVwqaCsAegAdP89tUDyAEJqQIHK1nUeXywPqgDAcgDywSqBNwBT9AA6tqwDjXK4K1XNIjxPrpZqJX_HHDuI6Fiu2kfZegoXaS8ONLF78DNiX_BHr-Xmx4yuxmva6SqyLtM2u6W_pUb84r9G2yvwGK-j4v-mHefW5i999rtSE9FBtH8CxZRoU8jy8FCsRpTw1WKlz0O2narOH8lI0-JMBuxnPdfY-2I1RzzNvjhmzH9h3iGoNg4TLB4j7cPA0q8A4_AaXIJSroYHirWmTU0ZYygZ_j72Gyf-mCwlo46ZeRmlo4-9Yf-FMUcl5lleTswiNIF4FCT1XouaG5FniCA0RKL-sAEiobayZYEkgUECAQYAZIFBAgFGASgBi6AB5bc7MgBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3YEF0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwGYDMi4naqUBLgTgwTYEw7QFQGAFwGyFxwKGggAEhRwdWItODY5NTYxNTgwNTg0MzUxNRgA&sigh=XwdP77Eypv4&uach_m=[UACH]&cid=CAQSGwDq26N99TBc0x4V1mEZUhBBlLpCGkK3Ee0fGRgBIA4&template_id=515

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:27:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame B0D0 23 KB
23 KB 57ms
57ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

6437289baad6bb04808039cf10f373d013011467b6904fcd3937ce9c981d6f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 290213119572298948
tpc.googlesyndication.com/simgad/ Frame B0D0 970 B
997 B 15ms
14ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/290213119572298948?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4885210d309a9a034d612e9ab2c94165b0c6f1bf5e528005b985ae04c9e65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 22:32:23 GMT
x-content-type-options: nosniff
age: 417297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 970
x-xss-protection: 0
last-modified: Wed, 11 May 2022 10:49:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 22:32:23 GMT

GET
DATA 200
OK truncated
/ Frame B0D0 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B0D0 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B0D0 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210071758000/ Frame 6F25 221 KB
61 KB 80ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4932437216&adk=145586122&adf=507318885&pi=t.ma~as.4932437216&w=300&lmt=1666113798&format=300x600&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117639206&bpp=1&bdt=393&idt=291&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90&nras=1&correlator=6044018443256&frm=20&pv=1&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1029&ady=649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=G7A6y1BS4D&p=http%3A//v3.fullhdmatch.live&dtd=295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:22 GMT
age: 91078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61557
x-xss-protection: 0
server: sffe
etag: "6f919b986f193e5c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:22 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 6F25 14 KB
5 KB 102ms
36ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:22 GMT
age: 91078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "79c6a9d24c248711"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:22 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 6F25 94 KB
28 KB 77ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:22 GMT
age: 91078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28805
x-xss-protection: 0
server: sffe
etag: "61ef65d2d2d03d2c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:22 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 6F25 72 KB
16 KB 84ms
44ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8d155725fe88d694620d079e6e05f63984d946ce379b51e4479b484e3081059

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:25 GMT
age: 91075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16673
x-xss-protection: 0
server: sffe
etag: "ff7b504924452205"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:25 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 6F25 5 KB
2 KB 81ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:22 GMT
age: 91078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "cd31ad97eaf70e3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:22 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 6F25 40 KB
13 KB 82ms
43ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:22 GMT
age: 91078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "81bd7ae64421add4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:22 GMT

GET
H3 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6F25 3 KB
3 KB 20ms
16ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:00:33 GMT
x-content-type-options: nosniff
server: cafe
age: 62807
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Wed, 19 Oct 2022 01:00:33 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6F25 295 B
319 B 18ms
15ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:39:44 GMT
x-content-type-options: nosniff
server: cafe
age: 31656
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 19 Oct 2022 09:39:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6F25 0
17 B 62ms
59ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6XvQB_BOY-CNIdKdywWz6Ly4DbqTwcpovOXj2_YO1_D0_QgQASDnosJLYJXCpoKwB6AB8ajGzgPIAQmpAgcrWdR5fLA-qAMByAMIqgTlAU_Q3Vlc10qyZ0kYuAycZkn5ArN2vhD6ieMFT9BP-Y5eyrctvGL2pTxdSjcSqlVHLkmWW-ALotlwgtzNnQYQT6Z9U6TyQA5ANPdX6BL1Izpz4ebUfsR86QFOIIKyDzZzQ9e4mMiNJifWi2J0Ifo6NJnV9hi4TIc2btXvhM5gwE8LcQVqc2biHPz66-BEfcAIlfHErc_on2yUJE-FKRM-ihBLXJbeK9PdJBJZIUlTdDoIMvxoSsyOv8_0F6gubCcRhelCo1vIin2dSNirxvE14uEX1-Q61m0GiMu4LL5sYpysfrkap7zABLr_2fHxA5IFBAgEGAGSBQQIBRgEoAYugAf31rkxqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQoeQO0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODY5NTYxNTgwNTg0MzUxNRgA&sigh=cYwqFwuF9Bg&uach_m=[UACH]&cid=CAQSGwDq26N9WMzaPIODJ_X0eMPIFAfLAXdmPt2l0BgBIA4&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4932437216&adk=145586122&adf=507318885&pi=t.ma~as.4932437216&w=300&lmt=1666113798&format=300x600&url=http%3A%2F%2Fv3.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117639206&bpp=1&bdt=393&idt=291&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90&nras=1&correlator=6044018443256&frm=20&pv=1&ga_vid=879531801.1666117639&ga_sid=1666117639&ga_hid=1359530120&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1029&ady=649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=299274748308071&tmod=2027473447&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=G7A6y1BS4D&p=http%3A//v3.fullhdmatch.live&dtd=295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:27:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 subresource.wbn
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame 96D0 0
86 KB 13ms
13ms Other
application/webbundle 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/subresource.wbn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87739
x-xss-protection: 0
server: cafe
etag: 17000915530602879223
vary: Accept-Encoding
content-type: application/webbundle
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 18:06:00 GMT

GET
H/1.1 200
OK load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 96D0 2 KB
2 KB 17ms
17ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

788b4b39048d65197e129cde12a0318b15613d13cbaf3b6dd35b5fd91e8be6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame 96D0 23 KB
23 KB 15ms
15ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

6437289baad6bb04808039cf10f373d013011467b6904fcd3937ce9c981d6f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame E742 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cccabc8727cb6288e07cb25db11c24112e286a49866da3f54007c35a7639f87f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6F25 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0ea5e4453ad31d9753ee5ccda2d774d8ef5c886fe1997d01ea8564d0278d19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2764.svg
tpc.googlesyndication.com/sadbundle/13116085375167173279/images/ Frame 6F25 144 B
169 B 15ms
15ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13116085375167173279/images/2764.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5385c72811d04d2e59aa671d5448ee6162dd86098fbff00ea20ea37e93396339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 22:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 18:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 16 Oct 2023 22:17:23 GMT

GET
H3 200 3122.jpg
tpc.googlesyndication.com/sadbundle/13116085375167173279/images/ Frame 6F25 47 KB
47 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13116085375167173279/images/3122.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e74daeb59e33900c5b0368788e4abfac629450748db66c9fa3043fe0e5370744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 09:44:14 GMT
x-content-type-options: nosniff
age: 549786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48124
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 18:20:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 09:44:14 GMT

GET
H3 200 3123.svg
tpc.googlesyndication.com/sadbundle/13116085375167173279/images/ Frame 6F25 4 KB
2 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13116085375167173279/images/3123.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27ee33b267f9acbac4dc3a15b204ba8801cbc35a62c1df140f75fd0822660a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1909
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 18:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 15:33:05 GMT

GET
H3 200 3138.svg
tpc.googlesyndication.com/sadbundle/13116085375167173279/images/ Frame 6F25 7 KB
2 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13116085375167173279/images/3138.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e534e9a4fd1ab9e8086724b8e2e8113490d35d82bdeb8403a936c6ceed1f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2173
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 18:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 15:33:05 GMT

GET
H3 200 21112.svg
tpc.googlesyndication.com/sadbundle/13116085375167173279/images/ Frame 6F25 15 KB
4 KB 23ms
22ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13116085375167173279/images/21112.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90eaae6e8b4647b24381977d7a0328faf314a1a270d1b50fef7bd108c9b9b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4082
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 18:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 15:33:05 GMT

GET
H3 200 21113.svg
tpc.googlesyndication.com/sadbundle/13116085375167173279/images/ Frame 6F25 18 KB
8 KB 20ms
19ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13116085375167173279/images/21113.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a3b4d5e6a0344f91c660574728fefe05d0f49d6cbd9dfb03a4d696b484cca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392468
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7852
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 18:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 05:26:12 GMT

GET
H/1.1 200
OK window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame B0D0 3 KB
3 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

14037f9fdb099dcf3199b1b2e18683ccb33182bea08fded83e346c923b25bf92

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame B0D0 17 KB
17 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

fafe94fc03a1a9cc6a9f7a77b978a143719cdfd9f410f47e7135e0bf3260c76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E742 28 KB
28 KB 45ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 553356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 08:44:44 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E4B 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 96D0 3 KB
3 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

14037f9fdb099dcf3199b1b2e18683ccb33182bea08fded83e346c923b25bf92

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 96D0 17 KB
17 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

fafe94fc03a1a9cc6a9f7a77b978a143719cdfd9f410f47e7135e0bf3260c76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012210071758000/ 23 KB
8 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df10239e9f31b0a8cc0b08685e86e23f36ea9d3be2319b2b9027a34285289d86

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:26 GMT
age: 91074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7854
x-xss-protection: 0
server: sffe
etag: "e3e32df4901536ad"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:26 GMT

GET
H3 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6F25 3 KB
3 KB 14ms
14ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:00:33 GMT
x-content-type-options: nosniff
server: cafe
age: 62807
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Wed, 19 Oct 2022 01:00:33 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6F25 295 B
319 B 14ms
14ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:39:44 GMT
x-content-type-options: nosniff
server: cafe
age: 31656
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 19 Oct 2022 09:39:44 GMT

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F5F2 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 06:21:07 GMT

GET
DATA 200
OK truncated
/ Frame B0D0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 521efd7ea11bd79c8e1dcb42df087e04c88a4325e18e968b6a464f1b4c48bcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E4B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

33ms
33ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:20 GMT
expires: Tue, 18 Oct 2022 18:27:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
i.clarity.ms/ 0
48 B 194ms
193ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept: application/x-clarity-gzip
Referer: http://v3.fullhdmatch.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: http://v3.fullhdmatch.live
date: Tue, 18 Oct 2022 18:27:20 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame ADB1 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 06:21:07 GMT

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 90ms
40ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221013&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11374
x-xss-protection: 0

GET

c.gif
c.bing.com/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=AEF80FFACDDE446890497A94D9D85FA8&RedC=c.clarity.ms&MXFR=2ED97E9C20A1683F29636CDD24A16690

0
0

GET
H/1.1 200
OK Primary Request / Show response
v1.liveisl.com/ 153 KB
27 KB 307ms
165ms Document
text/html 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://v1.liveisl.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c0f64d0c20bad379c90653e2a863e6cbeb355b2d0230d8e37a60ff06f30eacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://v3.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 27480
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Oct 2022 18:27:21 GMT
ETag: W/"e047ddc1c44e0bf85bbba296860d352213d78f1cc9a9143ac6ac3dd52ee9e9c8"
Expires: Tue, 18 Oct 2022 18:27:21 GMT
Last-Modified: Tue, 18 Oct 2022 17:50:23 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H3 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v3.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:21 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED47 0
0 15ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v3.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:18:39 GMT
expires: Wed, 18 Oct 2023 18:18:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET aframe
www.google.com/recaptcha/api2/ Frame BD15 0
0

POST collect
region1.google-analytics.com/g/ 0
0

POST collect
i.clarity.ms/ 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E742 0
0

POST activeview
pagead2.googlesyndication.com/pcs/ Frame 6F25 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame B0D0 0
0

GET
H3 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 56ms
24ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 08:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 00:50:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 18 Oct 2023 08:11:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128386009-14

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

732168df53bbc5637515dc63fc4a27bb169089e8825ae99e4c01448fc3d9ff7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43045
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Oct 2022 18:27:21 GMT

GET
H2 200 shareaholic.js Show response
cdn.shareaholic.net/assets/pub/ 10 KB
4 KB 13ms
12ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 53c311faa86a6220eedcc8ca4329e87c2b28f84a47f0b41f9c04937790ae93ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: gzip
last-modified: Mon, 03 Oct 2022 22:06:54 GMT
server: nginx
x-amz-request-id: K87N5EG892W3A30P
etag: "c3860fcea29c634ad082b216015eaa52"
x-hw: 1666117641.cds109.fr8.hn,1666117641.cds285.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1200, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 4286
x-amz-id-2: SRsVLrZJkEYb+K+U6HYZEII1FkjnMJ9k8qD0boJ9jURJLeILCiFoXghtpoeObRaXGloUbVlJ3QA=

GET
H3 200 css2
fonts.googleapis.com/ 395 B
313 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Permanent+Marker

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:48:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:21 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 07:57:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 469771
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 29707
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 13 Oct 2023 07:57:50 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1eb9b73f36bea013f05892268b4a32f864fe34e82da110e1e2eaa0609daae4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55040
x-xss-protection: 0
server: cafe
etag: 11928087697979284599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:27:21 GMT

GET
H3 200 AVvXsEi9AqEfdseAdhNsTgp9MUYN4iZV8E7Q0uB6O3Q25qYbOl5pR9DyTjHkQ73k7QEdvm9RF3nWFh3eOKpy7nsnPMmULeG0eGpia_z5Hlcalwl-hw08QOgcggjTu-UKJLsS7f7cFdTvMkytdox9INxvLRyAZqPViNOjIEkaOPxAc81bMMtk2xnYaM-lvPBnUg=s200
blogger.googleusercontent.com/img/a/ 1 KB
1 KB 304ms
272ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEi9AqEfdseAdhNsTgp9MUYN4iZV8E7Q0uB6O3Q25qYbOl5pR9DyTjHkQ73k7QEdvm9RF3nWFh3eOKpy7nsnPMmULeG0eGpia_z5Hlcalwl-hw08QOgcggjTu-UKJLsS7f7cFdTvMkytdox9INxvLRyAZqPViNOjIEkaOPxAc81bMMtk2xnYaM-lvPBnUg=s200

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5be9a295048310ed5e10a49d3dc52124193100bfbc1e9954590483e7703df913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1516"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Wed, 19 Oct 2022 18:27:21 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8695615805843515

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

538c0d41a54726248f1eebd7fc1da771675f5635ba14c6f4d1e3f745d327e433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Origin: http://v1.liveisl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55149
x-xss-protection: 0
server: cafe
etag: 8747280682551465337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:27:21 GMT

GET
H2 200 MRF2022_Crystal-Palace-v-Wolves-1038x584.jpg
mrfixitstips.co.uk/wp-content/uploads/2022/10/ 62 KB
62 KB 124ms
41ms Image
image/jpeg 193.33.186.13
RACKSRV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrfixitstips.co.uk/wp-content/uploads/2022/10/MRF2022_Crystal-Palace-v-Wolves-1038x584.jpg
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.33.186.13 , United Kingdom, ASN52148 (RACKSRV, GB),
Reverse DNS: web1.gambla.co.uk
Software: nginx /
Resource Hash: 7afdaea61634105c70e981c756567fc04351851dc3d6838bdde06e2c49981d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 18 Oct 2022 18:27:21 GMT
referrer-policy
last-modified: Sun, 16 Oct 2022 10:19:10 GMT
server: nginx
etag: "f898-5eb24309664fa"
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 63640
expires: Sat, 17 Dec 2022 18:27:21 GMT

GET
H2 200 atletico-madrid-vs-rayo-vallecano.jpg
laligaexpert.com/wp-content/uploads/2021/12/ 70 KB
50 KB 70ms
29ms Image
image/jpeg 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://laligaexpert.com/wp-content/uploads/2021/12/atletico-madrid-vs-rayo-vallecano.jpg
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ea18c3a5e32aa1c7d32dfbcb23ca8bda53abdc5725f493722eef442be359dd21

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;d44c2c61ba8dd54c352cdedd101a7568;2-180181-7;01224a97-a53d-49c5-484a-250083d6ab05
x-middleton-display: staticcontent_sol
x-httpd-modphp: 1
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Tue, 18 Oct 2022 14:07:36 GMT
server: nginx
etag: "1198e-5e1fb6cec0000-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
content-type: image/jpeg
cache-control: public, max-age=2592000
x-proxy-cache: HIT

GET
H2 200 16x9.jpg
s.secure.espncdn.com/stitcher/artwork/ 181 KB
182 KB 676ms
361ms Image
image/jpeg 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.secure.espncdn.com/stitcher/artwork/16x9.jpg?height=720&width=1280&source=https://artwork.espncdn.com/events/401454251/16x9/1280x720_20221006230955.jpg&cb=12&templateId=espn.core.dtc.large.16x9.1&showBadge=true&package=ESPN_PLUS
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 64ee894d9ca27339849c299d8da9f2fd77008e69ae62f64385ffb49ea8311bc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 Oct 2022 18:27:22 GMT
cache-control: max-age=10601
accept-ranges: bytes
content-length: 185353
edge-cache-key: artwork-16x9
content-type: image/jpeg

GET
H2 200 La-Liga-Shaft-1-1024x576.png
static.shaftscore.com/wp-content/uploads/2022/10/ 501 KB
502 KB 73ms
17ms Image
image/png 2600:9000:2250:4800:0:a8f6:f880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shaftscore.com/wp-content/uploads/2022/10/La-Liga-Shaft-1-1024x576.png
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4800:0:a8f6:f880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1501c2356ed979a478b1724cb8609d6e791a9ab3f69ea1f7d43d9998cd9fca96

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:58:47 GMT
x-amz-version-id: null
via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified: Tue, 18 Oct 2022 03:04:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 52115
etag: "9064082c4fa31ef7986268c3e7078b5d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 512933
x-amz-cf-id: 1sgiVMEbFbzj_DHHqkMC3eyh5zNxu0NrEkdjSoyjTL6Uev_1ZJ7Dng==

GET
H/1.1 200
OK cookienotice.js Show response
v1.liveisl.com/js/ 6 KB
3 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://v1.liveisl.com/js/cookienotice.js

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 18:31:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 86181
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 2026
X-XSS-Protection: 0
Last-Modified: Mon, 17 Oct 2022 16:59:08 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Mon, 24 Oct 2022 18:31:00 GMT

GET
H3 200 1583485740-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1583485740-widgets.js

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37512059e7516519ceed7ba00ca5d7523cc5d15ca922435b692ac3678bad5496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 08:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56805
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 06:52:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 18 Oct 2023 08:29:34 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128386009-14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4284
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 19:15:57 GMT

GET
H2 204 5452820 Show response
oaphoace.net/401/ 0
357 B 56ms
14ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oaphoace.net/401/5452820

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-trace-id: 7c79b4cd6a691839b78ae5246baeee88
pragma: no-cache
date: Tue, 18 Oct 2022 18:27:21 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3

200

css
fonts.googleapis.com/
Redirect Chain

http://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900

22 KB
1 KB

23ms
23ms

Stylesheet
text/css

2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

844829ead970ef4bc2d2bbf57fdb51755fc2a9794feeb52068563fcce6786f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 18:18:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:21 GMT

Redirect headers

Location: https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
Redirect Chain

http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

30 KB
7 KB

49ms
25ms

Stylesheet
text/css

2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 23343314
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75c353dc6d099b21-FRA
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 114ms
112ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=108396564623544663&zx=c6fd2049-273a-4573-b0c9-bc8e7225dcbf

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 18:27:21 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/ 148 KB
41 KB 1401ms
1399ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/main.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0419e69120a1482daf1f15c02e3f33243fdb086d90cbb69d3bab8aa4de064056

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: gzip
last-modified: Mon, 03 Oct 2022 22:06:50 GMT
server: nginx
x-amz-request-id: K87QD2K8DXHZWH5P
etag: "cdf3dea93c7b2a9f7a21e20e85edc782"
x-hw: 1666117641.cds012.fr8.hn,1666117641.cds228.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 41827
x-amz-id-2: GTUlIra7KWNBKe1Yl5neNCwH6a9gfP8X2Uu3AKXKMFbKc0/VLejwjV/nMHwRHok7L7gVAFqKONU=

GET
H/1.1 404
Not Found embed.html
111.90.158.152/smarg/ Frame B6F4 0
0 378ms
189ms Document
text/html 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152/smarg/embed.html?proto=dash
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 18 Oct 2022 18:31:54 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H3 200 Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
fonts.gstatic.com/s/permanentmarker/v16/ 29 KB
29 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Permanent+Marker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://v1.liveisl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 23:25:31 GMT
x-content-type-options: nosniff
age: 586910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29564
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 17:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 23:25:31 GMT

GET
H/1.1 404
Not Found embed.html
111.90.158.152/smarg/ Frame FDC7 0
0 343ms
169ms Document
text/html 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152/smarg/embed.html?proto=dash
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 18 Oct 2022 18:31:54 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 200
OK embed.html
111.90.158.152/mocitsarkalaif/ Frame 9B16 0
0 370ms
183ms Document
text/html 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 775
Content-Type: text/html
Date: Tue, 18 Oct 2022 18:31:53 GMT
Server: Streamer 22.10
X-Route-Time: 438
X-Run-Time: 107
X-Sid: 634eebd9-d584-42e6-a67a-4bb6ebf708cd

GET embed.html
111.90.158.152/mocitsarkalaif/ Frame C7B0 0
0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://v1.liveisl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 364348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 13:14:53 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://v1.liveisl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 393472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 05:09:29 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 353 KB
116 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8695615805843515&plah=v1.liveisl.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

910383f79555d6f0da5769a690b82e7d6b04de4cf323c7c3094c9c4c686869b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118722
x-xss-protection: 0
server: cafe
etag: 5793516209781536029
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:27:21 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/ Frame 9E85 10 KB
4 KB 19ms
14ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:12:32 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:12:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 153ms
16ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://v1.liveisl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
age: 5471
cdn-cachedat: 08/17/2022 18:20:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d16fe7d6545c99772968ec49ac391fb9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75c353de0df09010-FRA
cdn-requestpullsuccess: True

GET embed.html
111.90.158.152/mlaliga/ Frame E2B6 0
0

GET embed.html
111.90.158.152/mlaliga/ Frame 0FC5 0
0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 21ms
20ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=155027656&t=pageview&_s=1&dl=http%3A%2F%2Fv1.liveisl.com%2F&dr=http%3A%2F%2Fv3.fullhdmatch.live%2F&ul=en-us&de=UTF-8&dt=LiveISL.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1009302421&gjid=377845063&cid=474046002.1666117642&tid=UA-128386009-14&_gid=1902646774.1666117642&_r=1&gtm=2ouah0&z=292601280

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://v1.liveisl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://v1.liveisl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

embed.html
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/ Frame 8E94
Redirect Chain

https://0wsr11478c3h1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

0
0

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 266ms
266ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=108396564623544663&zx=c6fd2049-273a-4573-b0c9-bc8e7225dcbf

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 18:27:22 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 48ms
47ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://v1.liveisl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET

embed.html
e2.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/ Frame CE6A
Redirect Chain

https://0wsr11478c3h1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
https://e2.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

0
0

GET
H/1.1 404
Not Found embed.html Show response
111.90.158.152/smarg/ Frame 00E8 564 B
392 B 166ms
166ms Document
text/html 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152/smarg/embed.html?proto=dash
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 18 Oct 2022 18:31:54 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 404
Not Found embed.html Show response
111.90.158.152/smarg/ Frame 77D7 564 B
392 B 189ms
188ms Document
text/html 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152/smarg/embed.html?proto=dash
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 18 Oct 2022 18:31:54 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 200
OK embed.html Show response
111.90.158.152/mocitsarkalaif/ Frame 407C 2 KB
1 KB 167ms
167ms Document
text/html 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: e0c0df92b5a53316fd9a0fd3798e0baf4bf144686012112844a1e63cfde47d87

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 775
Content-Type: text/html
Date: Tue, 18 Oct 2022 18:31:53 GMT
Server: Streamer 22.10
X-Route-Time: 185
X-Run-Time: 150
X-Sid: 634eebd9-d584-42e6-a67a-4bb6ebf708cd

GET
H/1.1 200
OK embed.html Show response
111.90.158.152/mocitsarkalaif/ Frame 7E82 2 KB
1 KB 171ms
171ms Document
text/html 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: e0c0df92b5a53316fd9a0fd3798e0baf4bf144686012112844a1e63cfde47d87

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 775
Content-Type: text/html
Date: Tue, 18 Oct 2022 18:31:53 GMT
Server: Streamer 22.10
X-Route-Time: 142
X-Run-Time: 68
X-Sid: 634eebd9-d584-42e6-a67a-4bb6ebf708cd

GET
H/1.1 200
OK embed.html Show response
111.90.158.152/mlaliga/ Frame C648 2 KB
1 KB 203ms
191ms Document
text/html 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/embed.html
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 19a0f9d58966dfd0f7f58de135c7d4f3463f8fd3f083f17b524e464a56c8b228

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 770
Content-Type: text/html
Date: Tue, 18 Oct 2022 18:31:53 GMT
Server: Streamer 22.10
X-Route-Time: 394
X-Run-Time: 126
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728

GET
H/1.1 200
OK embed.html Show response
111.90.158.152/mlaliga/ Frame C265 2 KB
1 KB 328ms
166ms Document
text/html 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/embed.html
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 19a0f9d58966dfd0f7f58de135c7d4f3463f8fd3f083f17b524e464a56c8b228

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 770
Content-Type: text/html
Date: Tue, 18 Oct 2022 18:31:53 GMT
Server: Streamer 22.10
X-Route-Time: 94
X-Run-Time: 108
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728

GET
H/1.1

200
OK

embed.html Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/ Frame 2E4D
Redirect Chain

https://0wsr11478c3h1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

2 KB
1 KB

266ms
133ms

Document
text/html

89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 5ef56de4bc30f0d947aae0e49ab0d007b8f693da48810d86a481750a9e7c1c3c

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 787
Content-Type: text/html
Date: Tue, 18 Oct 2022 18:27:21 GMT
Server: Streamer 22.08.1
X-Route-Time: 87781
X-Run-Time: 531
X-Sid: 634ef00a-7d90-49b6-867d-5ff2b5901c3f

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 0
date: Tue, 18 Oct 2022 18:27:22 GMT
location: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
strict-transport-security: max-age=15724800; includeSubDomains
x-duration: 0.001392364501953125
x-request-id: 4683f5ce-8829-40a6-bc1d-9c4ab54de642

GET

embed.html
e2.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/ Frame 1945
Redirect Chain

https://0wsr11478c3h1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
https://e2.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

0
0

GET
H/1.1 200
OK default Show response
v1.liveisl.com/feeds/posts/ 40 KB
4 KB 164ms
164ms XHR
text/javascript 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://v1.liveisl.com/feeds/posts/default?alt=json-in-script&max-results=20&callback=jQuery213036820288402682144_1666117641605&_=1666117641606

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

c2b47320adc1e427a1234366a38883d8de08b950cb428b06f21ef2d040bb3311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://v1.liveisl.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Oct 2022 17:50:23 GMT
Server: blogger-renderd
ETag: W/"a9538fa3c4baed850800c7cca289028ef78c9edd75c3ef7e9320618603202997"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 3963
X-XSS-Protection: 0
Expires: Tue, 18 Oct 2022 18:27:23 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
274 B 65ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=v1.liveisl.com&callback=_gfp_s_&client=ca-pub-8695615805843515&gpid_exp=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

925a568589e442d18b799561988bfdf08dbe884bfd69e39897e5c4ddcb0607f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=v1.liveisl.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=v1.liveisl.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fv1.liveisl.com%2F&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: v1.liveisl.com
URL: http://v1.liveisl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8733 247 KB
58 KB 742ms
739ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&adk=1812271804&adf=3025194257&lmt=1666115423&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fv1.liveisl.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1666117641737&bpp=4&bdt=233&idt=427&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4620595806669&frm=20&pv=2&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=452

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b9a3ca1e0816b7a7784e64450326bfe04a45e79adb9f929aeff3614d772b72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 59386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D506 89 KB
31 KB 796ms
795ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11cd2251996b8968ef201f62407e3cbac497c7fda5735a436c2370d3a1d15d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 32063
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3C13 64 KB
12 KB 463ms
461ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0fd985047ffa195756e1bd689a684c2df83baac1022ac7be2fd8fa037515cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 11890
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0255 100 KB
34 KB 445ms
444ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7b77ae7942b4f4f954aae414f69551d6ffbb256552f0cc6169f26acea9352cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34622
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK main.b52cd07e8ae9526c861a.css
111.90.158.152/flu/player/ Frame 407C 6 KB
6 KB 188ms
188ms Stylesheet
text/css 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.css
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 9477b0eabcf7c7f172e669724aabb59ab4560a0c38b3285bef9565375e5b0340

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:53 GMT
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 379e5bd2fc45559235269c31dba4271dc3a41a64
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 5648

GET
H/1.1 200
OK core-js.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 407C 71 KB
25 KB 176ms
174ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/core-js.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: a4bde84b13036b0ad7990f9c01c125afb0739602543fd297be1bc1fd93c5e42b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 5a7dfdb5e2509ae8f30d43ac4ca6f88801d0d679
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 24901

GET
H/1.1 200
OK sentry.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 407C 77 KB
23 KB 176ms
174ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/sentry.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 954feaac3e4d250adaa4bff3627232864e0adbbd335a3acb429f52d08d5a4c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: bf2ee16b7a48a31f16f748c9b67d3073c9178912
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 23068

GET
H/1.1 200
OK panzoom.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 407C 11 KB
5 KB 184ms
183ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/panzoom.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 8675f1eb8a8978acc4c76b7ff445871ed2ef295f2461827ac61a9d448d02772f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 50f9af6077c08ffb8a69e4adeae224d189e850de
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 4490

GET
H/1.1 200
OK clappr.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 407C 611 KB
164 KB 396ms
208ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/clappr.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 39fec21f2b95d865e125ffeeb13a6cdd2a061737c9fac5e165ee2f5f5d77becd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 4d290f75ee840c0377ee73b03bd011b841b52e79
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 167737

GET
H/1.1 200
OK flussonic.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 407C 68 KB
20 KB 459ms
168ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/flussonic.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 3e37dde1511f709d545a811b6deafab9f231592a3f98d2a9d2eee94e3f8214e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 14ca6fa805b28e355b44c54888f183d00cb63fff
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 19578

GET
H/1.1 200
OK shaka-player.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 407C 367 KB
119 KB 508ms
179ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 2ad4fac75b3a44d5f39df03e2ba742123e4922702737065c973a7b5f00099951

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: aa279fdb35d7296f02e3b0216350e603d5f0c8d2
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 120958

GET
H/1.1 200
OK main.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 407C 538 KB
148 KB 536ms
189ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: b33af96afa6fdad71f651f1168fa09ffd8406518d9b64eda37c08905c32c967f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 65bfbb7ebdaa884ab12b81cbddb8fb7ddce46651
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 151213

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 36E2 87 KB
31 KB 413ms
410ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=250&slotname=1735524661&adk=2414387011&adf=2333964761&pi=t.ma~as.1735524661&w=300&lmt=1666115423&format=300x250&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641985&bpp=1&bdt=480&idt=323&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&xpc=tXXvPppXDk&p=http%3A//v1.liveisl.com&dtd=326

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93105cd34643124ed3c75950288c7a349d91f46ff7f2022c04c3fc3d0163fed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 32155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK main.b52cd07e8ae9526c861a.css
111.90.158.152/flu/player/ Frame 7E82 6 KB
6 KB 275ms
168ms Stylesheet
text/css 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.css
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 9477b0eabcf7c7f172e669724aabb59ab4560a0c38b3285bef9565375e5b0340

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 379e5bd2fc45559235269c31dba4271dc3a41a64
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 5648

GET
H/1.1 200
OK core-js.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 7E82 71 KB
25 KB 501ms
174ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/core-js.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: a4bde84b13036b0ad7990f9c01c125afb0739602543fd297be1bc1fd93c5e42b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 5a7dfdb5e2509ae8f30d43ac4ca6f88801d0d679
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 24901

GET
H/1.1 200
OK sentry.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 7E82 77 KB
23 KB 531ms
185ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/sentry.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 954feaac3e4d250adaa4bff3627232864e0adbbd335a3acb429f52d08d5a4c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: bf2ee16b7a48a31f16f748c9b67d3073c9178912
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 23068

GET
H/1.1 200
OK panzoom.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 7E82 11 KB
5 KB 674ms
172ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/panzoom.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 8675f1eb8a8978acc4c76b7ff445871ed2ef295f2461827ac61a9d448d02772f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 50f9af6077c08ffb8a69e4adeae224d189e850de
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 4490

GET
H/1.1 200
OK clappr.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 7E82 611 KB
164 KB 790ms
186ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/clappr.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 39fec21f2b95d865e125ffeeb13a6cdd2a061737c9fac5e165ee2f5f5d77becd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 4d290f75ee840c0377ee73b03bd011b841b52e79
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 167737

GET
H/1.1 200
OK flussonic.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 7E82 68 KB
20 KB 848ms
173ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/flussonic.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 3e37dde1511f709d545a811b6deafab9f231592a3f98d2a9d2eee94e3f8214e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 14ca6fa805b28e355b44c54888f183d00cb63fff
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 19578

GET
H/1.1 200
OK shaka-player.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 7E82 367 KB
119 KB 912ms
199ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 2ad4fac75b3a44d5f39df03e2ba742123e4922702737065c973a7b5f00099951

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: aa279fdb35d7296f02e3b0216350e603d5f0c8d2
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 120958

GET
H/1.1 200
OK main.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame 7E82 538 KB
148 KB 1039ms
191ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: b33af96afa6fdad71f651f1168fa09ffd8406518d9b64eda37c08905c32c967f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 65bfbb7ebdaa884ab12b81cbddb8fb7ddce46651
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 151213

GET
H/1.1 200
OK main.b52cd07e8ae9526c861a.css
111.90.158.152/flu/player/ Frame C648 6 KB
6 KB 289ms
164ms Stylesheet
text/css 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.css
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 9477b0eabcf7c7f172e669724aabb59ab4560a0c38b3285bef9565375e5b0340

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 379e5bd2fc45559235269c31dba4271dc3a41a64
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 5648

GET
H/1.1 200
OK core-js.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C648 71 KB
25 KB 1014ms
175ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/core-js.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: a4bde84b13036b0ad7990f9c01c125afb0739602543fd297be1bc1fd93c5e42b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 5a7dfdb5e2509ae8f30d43ac4ca6f88801d0d679
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 24901

GET
H/1.1 200
OK sentry.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C648 77 KB
23 KB 1127ms
167ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/sentry.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 954feaac3e4d250adaa4bff3627232864e0adbbd335a3acb429f52d08d5a4c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: bf2ee16b7a48a31f16f748c9b67d3073c9178912
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 23068

GET
H/1.1 200
OK panzoom.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C648 11 KB
5 KB 1186ms
172ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/panzoom.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 8675f1eb8a8978acc4c76b7ff445871ed2ef295f2461827ac61a9d448d02772f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 50f9af6077c08ffb8a69e4adeae224d189e850de
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 4490

GET
H/1.1 200
OK clappr.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C648 611 KB
164 KB 1290ms
187ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/clappr.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 39fec21f2b95d865e125ffeeb13a6cdd2a061737c9fac5e165ee2f5f5d77becd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 4d290f75ee840c0377ee73b03bd011b841b52e79
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 167737

GET
H/1.1 200
OK flussonic.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C648 68 KB
20 KB 1303ms
195ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/flussonic.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 3e37dde1511f709d545a811b6deafab9f231592a3f98d2a9d2eee94e3f8214e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 14ca6fa805b28e355b44c54888f183d00cb63fff
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 19578

GET
H/1.1 200
OK shaka-player.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C648 367 KB
119 KB 1306ms
179ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 2ad4fac75b3a44d5f39df03e2ba742123e4922702737065c973a7b5f00099951

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: aa279fdb35d7296f02e3b0216350e603d5f0c8d2
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 120958

GET
H/1.1 200
OK main.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C648 538 KB
148 KB 1378ms
192ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: b33af96afa6fdad71f651f1168fa09ffd8406518d9b64eda37c08905c32c967f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 65bfbb7ebdaa884ab12b81cbddb8fb7ddce46651
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 151213

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 25ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=v1.liveisl.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=v1.liveisl.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3E29 89 KB
32 KB 400ms
392ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6885698d05ebbbb26ceb0e40d8f53c550a299af88adf472eb6f92163bc70a6a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 32283
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK main.68f6824339b990e2d52f.css
e1.play-flussonic.cloud/flu/player/ Frame 2E4D 6 KB
6 KB 44ms
43ms Stylesheet
text/css 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/flu/player/main.68f6824339b990e2d52f.css
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 9477b0eabcf7c7f172e669724aabb59ab4560a0c38b3285bef9565375e5b0340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:21 GMT
Last-Modified: Thu, 11 Aug 2022 07:04:12 GMT
Server: Streamer 22.08.1
Etag: 379e5bd2fc45559235269c31dba4271dc3a41a64
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 5648

GET
H/1.1 200
OK core-js.68f6824339b990e2d52f.js Show response
e1.play-flussonic.cloud/flu/player/ Frame 2E4D 71 KB
25 KB 93ms
91ms Script
application/javascript 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/flu/player/core-js.68f6824339b990e2d52f.js
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 6a0dbd54a68bfb0aaa038d1dbae393209d0103a5ea18648ad10537feff5ea04c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Aug 2022 07:04:12 GMT
Server: Streamer 22.08.1
Etag: b967444aa70014f7d427d3f74d3e74232e38e040
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 24867

GET
H/1.1 200
OK sentry.68f6824339b990e2d52f.js Show response
e1.play-flussonic.cloud/flu/player/ Frame 2E4D 77 KB
23 KB 136ms
92ms Script
application/javascript 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/flu/player/sentry.68f6824339b990e2d52f.js
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: dbc8918f61ba21d8ef838a3f2ef4015aa51a0b423f4b951105e6a570114320b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Aug 2022 07:04:12 GMT
Server: Streamer 22.08.1
Etag: 09156e9b6c6b84791593bfbf89e2f07678b2aa7e
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 23047

GET
H/1.1 200
OK panzoom.68f6824339b990e2d52f.js Show response
e1.play-flussonic.cloud/flu/player/ Frame 2E4D 11 KB
5 KB 137ms
44ms Script
application/javascript 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/flu/player/panzoom.68f6824339b990e2d52f.js
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: e5bff5542d70285b876724144877e77ab6107741f249f45c8526bdc946aaf438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Aug 2022 07:04:12 GMT
Server: Streamer 22.08.1
Etag: 18617605a02182583bd5a8b71641ecec1f5a3dcb
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 4488

GET
H/1.1 200
OK clappr.68f6824339b990e2d52f.js Show response
e1.play-flussonic.cloud/flu/player/ Frame 2E4D 611 KB
164 KB 233ms
96ms Script
application/javascript 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/flu/player/clappr.68f6824339b990e2d52f.js
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: d2bb5691ce2ad2dbd57eb4536f7a9bbd25a30087f9155e5cdabec008ac1bf63f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Aug 2022 07:04:12 GMT
Server: Streamer 22.08.1
Etag: ff449ac3a4e8ccfdd212c0c103d2a329437ae03f
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 167737

GET
H/1.1 200
OK flussonic.68f6824339b990e2d52f.js Show response
e1.play-flussonic.cloud/flu/player/ Frame 2E4D 68 KB
20 KB 185ms
47ms Script
application/javascript 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/flu/player/flussonic.68f6824339b990e2d52f.js
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: a78c3b18286d9ca14ef932c356a0d639e14d4feca770f166fac39c961d2d672a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Aug 2022 07:04:12 GMT
Server: Streamer 22.08.1
Etag: 1b841153ce8f6164ef1d697dd4a579f57a56a322
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 19577

GET
H/1.1 200
OK shaka-player.68f6824339b990e2d52f.js Show response
e1.play-flussonic.cloud/flu/player/ Frame 2E4D 367 KB
119 KB 269ms
129ms Script
application/javascript 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 082a6ffc8a1ec8231cf3aafc1b270993a478b16aef6f150a78e25340ef1af029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Aug 2022 07:04:12 GMT
Server: Streamer 22.08.1
Etag: 65b9c52c8016039e68c95f9f5438e246dd026039
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 120958

GET
H/1.1 200
OK main.68f6824339b990e2d52f.js Show response
e1.play-flussonic.cloud/flu/player/ Frame 2E4D 553 KB
146 KB 291ms
149ms Script
application/javascript 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/flu/player/main.68f6824339b990e2d52f.js
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 2a3f7c14f930533f35166bb8eb860fb49825cc2c2489d2bab7ebb873afe5d183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Aug 2022 07:04:12 GMT
Server: Streamer 22.08.1
Etag: a9c07b1278b850c0cb199db23f7239ffec1b43c0
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 149176

GET
H/1.1 200
OK main.b52cd07e8ae9526c861a.css
111.90.158.152/flu/player/ Frame C265 6 KB
6 KB 236ms
182ms Stylesheet
text/css 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.css
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 9477b0eabcf7c7f172e669724aabb59ab4560a0c38b3285bef9565375e5b0340

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:54 GMT
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 379e5bd2fc45559235269c31dba4271dc3a41a64
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 5648

GET
H/1.1 200
OK core-js.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C265 71 KB
25 KB 1281ms
174ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/core-js.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: a4bde84b13036b0ad7990f9c01c125afb0739602543fd297be1bc1fd93c5e42b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 5a7dfdb5e2509ae8f30d43ac4ca6f88801d0d679
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 24901

GET
H/1.1 200
OK sentry.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C265 77 KB
23 KB 1353ms
185ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/sentry.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 954feaac3e4d250adaa4bff3627232864e0adbbd335a3acb429f52d08d5a4c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: bf2ee16b7a48a31f16f748c9b67d3073c9178912
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 23068

GET
H/1.1 200
OK panzoom.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C265 11 KB
5 KB 1372ms
166ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/panzoom.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 8675f1eb8a8978acc4c76b7ff445871ed2ef295f2461827ac61a9d448d02772f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 50f9af6077c08ffb8a69e4adeae224d189e850de
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 4490

GET
H/1.1 200
OK clappr.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C265 611 KB
164 KB 1424ms
209ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/clappr.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 39fec21f2b95d865e125ffeeb13a6cdd2a061737c9fac5e165ee2f5f5d77becd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 4d290f75ee840c0377ee73b03bd011b841b52e79
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 167737

GET
H/1.1 200
OK flussonic.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C265 68 KB
20 KB 1388ms
166ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/flussonic.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 3e37dde1511f709d545a811b6deafab9f231592a3f98d2a9d2eee94e3f8214e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 14ca6fa805b28e355b44c54888f183d00cb63fff
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 19578

GET
H/1.1 200
OK shaka-player.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C265 367 KB
119 KB 1470ms
187ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 2ad4fac75b3a44d5f39df03e2ba742123e4922702737065c973a7b5f00099951

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: aa279fdb35d7296f02e3b0216350e603d5f0c8d2
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 120958

GET
H/1.1 200
OK main.b52cd07e8ae9526c861a.js Show response
111.90.158.152/flu/player/ Frame C265 538 KB
148 KB 1489ms
189ms Script
application/javascript 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: b33af96afa6fdad71f651f1168fa09ffd8406518d9b64eda37c08905c32c967f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 08:13:48 GMT
Server: Streamer 22.10
Etag: 65bfbb7ebdaa884ab12b81cbddb8fb7ddce46651
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 151213

GET
H3 200 css
fonts.googleapis.com/ Frame 0255 8 KB
895 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:27:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 0255 2 KB
913 B 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 0255 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 0255 3 KB
1 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 17:53:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 0255 17 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0255 0
0 28ms
25ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTENY1r4lrQppEO41iypENGoA4BrA_l9rQsJp68KxzGLPZfJSvPy3UscFWV0mizQcBYXWhh
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0255 152 KB
46 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:22 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 0255 33 KB
13 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210071758000/ Frame 3C13 221 KB
60 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:22 GMT
age: 91080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61557
x-xss-protection: 0
server: sffe
etag: "6f919b986f193e5c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:22 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 3C13 14 KB
5 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:22 GMT
age: 91080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "79c6a9d24c248711"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:22 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 3C13 94 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:22 GMT
age: 91080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28805
x-xss-protection: 0
server: sffe
etag: "61ef65d2d2d03d2c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:22 GMT

GET
H3 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 3C13 72 KB
16 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8d155725fe88d694620d079e6e05f63984d946ce379b51e4479b484e3081059

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:25 GMT
age: 91077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16673
x-xss-protection: 0
server: sffe
etag: "ff7b504924452205"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:25 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 3C13 5 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:22 GMT
age: 91080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "cd31ad97eaf70e3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:22 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 3C13 40 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:22 GMT
age: 91080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "81bd7ae64421add4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:22 GMT

GET
H3 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C13 3 KB
3 KB 16ms
15ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:00:33 GMT
x-content-type-options: nosniff
server: cafe
age: 62809
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Wed, 19 Oct 2022 01:00:33 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C13 295 B
325 B 21ms
20ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:39:44 GMT
x-content-type-options: nosniff
server: cafe
age: 31658
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 19 Oct 2022 09:39:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3C13 0
17 B 62ms
61ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXp0QCvBOY_XLEpCuYvnuiUi6k8HKaLzl49v2Dtfw9P0IEAEg56LCS2CVwqaCsAegAfGoxs4DyAEJqQIHK1nUeXywPqgDAcgDCKoE3wFP0B9EFuBhfOERqFri4l6gO4hynPSbqVOE2cEc5dXqQ2VUfAsF0QHmPXGJbJfnZbCddEaaRBrd-mwd7m4qXJOTZId1wLBIa2gYi6lf1vP9xd1PrNxm7nj3yVqU2mtwu7yvJpDsAoOcKF4zGse9WrEezoaau0QAgRNWBfdeGgqJFRtuanrHAuf8ttBk3aK3iv_GgCOTYwGaC_gCpptDITt4_N5TNh3uWtyPJIv302HZn5wSGBwftUHdEVaGMyDtuf2kh0g4zMIpQnp5gkKokjfuRnlZR_anH-us3yGtQh84wAS6_9nx8QOSBQQIBBgBkgUECAUYBKAGLoAH99a5MagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENXEAdIIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTg2OTU2MTU4MDU4NDM1MTUYAA&sigh=OurcL07ie3g&uach_m=[UACH]&cid=CAQSKQDq26N9CPvUnAhaBcPhskw9ItXRRT8DLmtaTyugsH2-MpP3vvWAxTRZGAEgDg&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=2717681267&adk=1225042227&adf=786590329&pi=t.ma~as.2717681267&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641981&bpp=2&bdt=477&idt=249&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Lbm8MIT28l&p=http%3A//v1.liveisl.com&dtd=278
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:27:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 36E2 6 KB
672 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=250&slotname=1735524661&adk=2414387011&adf=2333964761&pi=t.ma~as.1735524661&w=300&lmt=1666115423&format=300x250&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641985&bpp=1&bdt=480&idt=323&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&xpc=tXXvPppXDk&p=http%3A//v1.liveisl.com&dtd=326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:04:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 36E2 2 KB
913 B 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 36E2 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 36E2 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 17:53:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 36E2 17 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 36E2 0
0 24ms
23ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQ2ZJNH09j19D1j0l5-lIaiHKQwdQwL6MJ9AL8kqMNv9UUDjvrGunEl6yrM2MQEBlZNCk5
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=250&slotname=1735524661&adk=2414387011&adf=2333964761&pi=t.ma~as.1735524661&w=300&lmt=1666115423&format=300x250&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641985&bpp=1&bdt=480&idt=323&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&xpc=tXXvPppXDk&p=http%3A//v1.liveisl.com&dtd=326
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36E2 152 KB
46 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:22 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 36E2 33 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0255 0
0 58ms
56ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cby5rCvBOY8uxE5HHYuiNnMgPwY_U_2yE1MnixA_92urkgBAQASDnosJLYJXCpoKwB6AB56eY3wLIAQmpAgcrWdR5fLA-qAMByAPLBKoE0wFP0JvXFF7EOXMIjQe1ki5rPftMWsL6v3JMPa9r4RGnww2KUvjoka73y8O32S9vacPAWajqwKPFbPrxW1hrjaYz6a5UrJHIbq9ZG-OyZVU_5zA5D7w3epI6_I45lkKLRf7uTEPSF8twJ_GFadaYLQ9WQQ3zSm-l8wc24mQ3l2GoKxDKg6layr_eqAGeKR6wWZiP-dQPZnNHdFQRnbR-LP5_ATbF2A_V-ZLcV51GR18x9PL4x6z4lzvKdOiuNadlbGHIhE7-kHRlCCreDpKicdwcJlgUwATBnebSzwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHgdjnoAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDnzAHSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAdgTDIgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04Njk1NjE1ODA1ODQzNTE1GAA&sigh=t_AlM8azj9E&uach_m=[UACH]&cid=CAQSKQDq26N9O1dRgMDnN1kNkindjQfL5FNI_ugbUCdt7IUWcYIhB5HRfcMcGAEgDg&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:27:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 36E2 0
0 63ms
60ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGwnMCvBOY87zFcmA7APcvofwD-CfwdNsq526hvkP_drq5IAQEAEg56LCS2CVwqaCsAegAeenmN8CyAEJqQL3KRGRiYiwPqgDAcgDywSqBNMBT9DlYSgeh48sRapX_ONBQ6sNomFe_CO_k5X8rm-uVjZ92cADBPesSTSe1ssp78bAcDpsniCkPAdJCooi85WqJtYGqphjOMx-vyu0IicnLicva3-MiYswMrdtYSnQB-yKGy1PwHrjIKAEJ4IlZzxOum46qq9uqPfC7h_c6zqGL4eETVl-p2gPwFwIxVRR7bPEQe0mvzdfxE0wDfEVoQq94das3XAk3lVdqPQEUpyMXYEgAVrCRnVVSRA5sphfRTMvm9FiV7fAdomaddBJoSlgAOjzNMAExdLh0OMDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4HY56ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1-4B0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwG4E-QD2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTg2OTU2MTU4MDU4NDM1MTUYAA&sigh=fS63ndN7Ldg&uach_m=[UACH]&cid=CAQSKQDq26N9oI6719G923sUvTplURzoQM_nJ1dl27EIOtO5fdqQCrRB93q9GAEgDg&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=250&slotname=1735524661&adk=2414387011&adf=2333964761&pi=t.ma~as.1735524661&w=300&lmt=1666115423&format=300x250&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641985&bpp=1&bdt=480&idt=323&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&xpc=tXXvPppXDk&p=http%3A//v1.liveisl.com&dtd=326
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:27:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 3E29 6 KB
672 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 18:18:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 3E29 2 KB
913 B 15ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 3E29 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 3E29 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 17:53:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 3E29 17 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3E29 0
0 24ms
23ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDihu0rAfxP-g_bpOfB2955wtcnTR6XaRRbWWT0qg86Wv3aiYOLtSwYMPEqF5xLxIATxuy
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E29 152 KB
46 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:22 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 3E29 33 KB
13 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3E29 0
0 59ms
58ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaPh8CvBOY4WGGbWT7AOP_LzQB8GP1P9sjObd_tUPpNTSt98OEAEg56LCS2CVwqaCsAegAeenmN8CyAEJqQIHK1nUeXywPqgDAcgDywSqBNQBT9C_v8nST5XT8nVLPNGwIN0IJhu7C4-zm21R8HqP0yL5vGdq1whpaFdaIpo1xk50PTJCUwrTTQjaZe82EHOFC9rzC22-zkOV1fq47pU74fRh9M-8RoHQiyKmnlx5DoN884nnjII-O8HI8qO4_oBUvF4QFsPmw92dhwICgqYciaSZYbNJaaiRgWbnPZqnJ9iyVHQDhjKMpDNvpafKZ_AH56lbc12b3aw-Qz-OA7cfqHRiD3BnImRb0wPdDwbcCyCFZDfcpbLqlx2AZsWQJ6iLefGyLpbABKCgkK_eA5IFBAgEGAGSBQQIBRgEoAYugAeB2OegAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEImpINIIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsBuBPkA9gTDIgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04Njk1NjE1ODA1ODQzNTE1GAA&sigh=WEKCelRFXXo&uach_m=[UACH]&cid=CAQSOwDq26N9XG-om3JN4W7KbvdS7HUa8qjWRNoec5SFoSk69BzXxeoBs5nCUlgRge2pKu-XHhgvh2kVCDVJGAEgDg&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:27:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8055868350138554288/ Frame 3E29 9 KB
9 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8055868350138554288/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fd8b17d1cca9c81a630a645df8623ba96e19d438a6334717d5344d9da8f36df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 22:46:14 GMT
x-content-type-options: nosniff
age: 589268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9139
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:38:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Oct 2023 22:46:14 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3297832587674907727/ Frame 3E29 1 KB
1 KB 16ms
14ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3297832587674907727/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8c9a350e7829cfac4319d5f7f8e4684cd936834be4e1f3914e00652c5013a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 12:38:44 GMT
x-content-type-options: nosniff
age: 539318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1490
x-xss-protection: 0
last-modified: Wed, 11 May 2022 14:09:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 12:38:44 GMT

GET
H/1.1 200
OK preview.mp4
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/ Frame 2E4D 31 KB
31 KB 2765ms
2765ms Image
video/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Origin: https://e1.play-flussonic.cloud
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:25 GMT
X-Thumbnail-Utc: 1666117378
Last-Modified: Tue, 18-Oct-2022 18:22:58 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 209
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 2675563
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 42531
X-Sid: 634ef00a-759e-46a3-8db8-b1f53b8e6a75

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012210071758000/ 23 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df10239e9f31b0a8cc0b08685e86e23f36ea9d3be2319b2b9027a34285289d86

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Oct 2022 17:09:26 GMT
age: 91077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7854
x-xss-protection: 0
server: sffe
etag: "e3e32df4901536ad"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Oct 2023 17:09:26 GMT

GET
H/1.1 206
Partial Content preview.mp4
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/ Frame 2E4D 42 KB
42 KB 2732ms
2732ms Media
video/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: a9f25c4d5160e7ace112ba14e8e4d454b53676fa2e15d72407e4413344704387

Request headers

Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 18 Oct 2022 18:27:25 GMT
X-Thumbnail-Utc: 1666117378
Last-Modified: Tue, 18-Oct-2022 18:22:58 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 339
Access-Control-Allow-Origin: *
Content-Range: bytes 0-42530/42531
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 2642554
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 42531
X-Sid: 634ef00a-759e-46a3-8db8-b1f53b8e6a75

GET
H/1.1 206
Partial Content preview.mp4
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/ Frame 2E4D 31 KB
0 2730ms
2730ms Media
video/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash

Request headers

Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 18 Oct 2022 18:27:25 GMT
X-Thumbnail-Utc: 1666117378
Last-Modified: Tue, 18-Oct-2022 18:22:58 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 195
Access-Control-Allow-Origin: *
Content-Range: bytes 0-42530/42531
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 2642896
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 42531
X-Sid: 634ef00a-759e-46a3-8db8-b1f53b8e6a75

GET
DATA 200
OK truncated
/ Frame 3E29 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e680c66e05823f2025b9ae6a1c718d747489d10945cb07dcc6ddc0aa4d79f01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame D506 6 KB
672 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:40:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame D506 2 KB
913 B 15ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame D506 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame D506 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 17:53:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame D506 17 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D506 0
0 22ms
22ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeoyk6RhKcftWZxwfENC3qPpL9BYGWWseIq7AjhtEO4-zJBDO87OP4ek1QpXnxhN9V7V8w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D506 152 KB
46 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:23 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame D506 33 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D506 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-bymCvBOY-LbD821YICGopgLwY_U_2yM5t3-1Q-k1NK33w4QASDnosJLYJXCpoKwB6AB56eY3wLIAQmpAgcrWdR5fLA-qAMByAPLBKoE1AFP0AkJSyb-jp1ZbjA-LRofqDfs901AWa2HvMwKQy3V6h3q7A35AxU-skKKdOUukE46bMD9Cf5MMzl-jGuTt9JHbHe5Gu6naYFI6NeC-BDbfZbhh6Kj1Rr5c1_A5rWk3j_2t2qHadOlTF_H6pLjfCyzphjYO6JBuVv8l5iqYI4bQPInq-oJUkrUJUxVxguUdZCc9ClwIgjkG2FCoxaJWUNPRa4nz5xmfJC3LZ1S-go_vE92om49IolF4Wp4VBmVyhz4lj4qvS2vPkTZOsmlP2I8QW5qScAEoKCQr94DkgUECAQYAZIFBAgFGASgBi6AB4HY56ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQl8Aa0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwG4E-QD2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTg2OTU2MTU4MDU4NDM1MTUYAA&sigh=yTCXfpp2Du4&uach_m=[UACH]&cid=CAQSKQDq26N98QYKQw2ESltS2Nxoo-g_l_j2CHX8feXSfVlxRSqtWITgnSDbGAEgDg&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:27:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 151 KB
54 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23f164c2a32a77520af8e88622bb5f48b24981a238588e84747fbb63ea82857f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55056
x-xss-protection: 0
server: cafe
etag: 15630741719805380934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:27:23 GMT

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 19B5 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4361688005&adk=1347955886&adf=1655106637&pi=t.ma~as.4361688005&w=300&lmt=1666115423&format=300x600&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1666117641984&bpp=1&bdt=479&idt=281&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1070x280%2C300x600&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenpoEr%7C&abl=CS&pfx=0&cms=1&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&xpc=YPPXtNXYME&p=http%3A//v1.liveisl.com&dtd=285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 06:21:07 GMT

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame CC86 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 06:21:07 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14214113277704173546/ Frame D506 9 KB
9 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14214113277704173546/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cecc8b64b82548bbb2be5f8c99b5627651823b80fb19ece83bcd1376750abb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 23:50:59 GMT
x-content-type-options: nosniff
age: 585384
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9320
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:29:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Oct 2023 23:50:59 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3297832587674907727/ Frame D506 1 KB
1 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3297832587674907727/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8c9a350e7829cfac4319d5f7f8e4684cd936834be4e1f3914e00652c5013a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 12:38:44 GMT
x-content-type-options: nosniff
age: 539319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1490
x-xss-protection: 0
last-modified: Wed, 11 May 2022 14:09:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 12:38:44 GMT

POST
H2 200 e
analytics.shareaholic.com/ 43 B
377 B 101ms
100ms Ping
image/gif 52.200.239.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.239.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-239-86.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: http://v1.liveisl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:23 GMT
content-security-policy: referrer always
vary: Origin
content-type: image/gif
access-control-allow-origin: http://v1.liveisl.com
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 02d6996212902b212b940e191847e049.json Show response
www.shareaholic.net/config/ 4 KB
2 KB 92ms
92ms XHR
application/json 184.73.100.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/02d6996212902b212b940e191847e049.json
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-100-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2d5c2007619b47d1d3b15cf117da08444d9de7fc1487d12c9d0524a30631f053

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-client-geo-country: DE,Deutschland
date: Tue, 18 Oct 2022 10:05:20 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0)
x-client-geo-metrocode
content-length: 1348
x-client-geo-region
server: nginx
etag: W/"2d5c2007619b47d1d3b15cf117da0844"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
x-varnish: 616949046 608800456
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-city
x-client-geo-zip
access-control-max-age: 2000
accept-ranges: bytes
access-control-allow-headers: *
x-client-geo-latlong: 51.299300,9.491000

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3E29 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 338703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:22:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3E29 15 KB
16 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 393474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 05:09:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3E29 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 364350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 13:14:53 GMT

GET
H/1.1 200
OK index.mpd Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/ Frame 2E4D 2 KB
3 KB 1961ms
1960ms Fetch
application/dash+xml 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/index.mpd
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: d069f62d3d09dd5dc5448e657402dcc8564c25db75731c4cb5d84dd866b8b3d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 18:27:24 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 537
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 1916812
Cache-Control: no-cache
Content-Type: application/dash+xml
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2132
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
DATA 200
OK truncated
/ Frame D506 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f3d1568fd399c4a1cf97da7265aa6653306416ecf05ac8a86bfbbedfef6e556

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=v1.liveisl.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=v1.liveisl.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/ Frame DB88 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:08:12 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:08:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/ Frame 8281 10 KB
4 KB 15ms
15ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:08:12 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:08:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 49ms
48ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8695615805843515&plah=v1.liveisl.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://v1.liveisl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D506 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 338703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:22:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D506 15 KB
16 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 393474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 05:09:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D506 15 KB
15 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 364350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 13:14:53 GMT

GET
H2 200 buttons.js Show response
m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/ 179 KB
37 KB 10ms
10ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/buttons.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8123dc2bf66e2ac6977d94fe97c53156eeccde550b99431793c630e765897aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
last-modified: Mon, 03 Oct 2022 22:06:50 GMT
server: nginx
x-amz-request-id: K87KX5DZ3K2JV1FN
etag: "49e3d95d37cfa985c04180587e25647b"
x-hw: 1666117643.cds012.fr8.hn,1666117643.cds004.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 37579
x-amz-id-2: QcId8CFo5Zdm964rH7sV9qNV7j1bLZLu88hMuZQKgH/qbLt+cH7Jlb63uuDidJUKRywCaU+hM6o=

GET
H2 200 partners.js Show response
partner.shareaholic.com/ 0
265 B 106ms
105ms Script
application/javascript 107.20.140.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fv1.liveisl.com%2F&referrer=http%3A%2F%2Fv3.fullhdmatch.live%2F&id_sync=fd6e6566-b1c0-4e69-ab29-d47e53e90ff2&pvs=1&site=02d6996212902b212b940e191847e049
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/d1d50b0d/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.140.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-140-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:23 GMT
vary: Accept-Encoding, User-Agent
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 34D8 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=337926735&adf=4219446632&pi=t.ma~as.6901856940&w=1200&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1200x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117642068&bpp=1&bdt=564&idt=283&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f31edc2a33f86c-22fc8a0b4ace00d9%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw&gpic=UID%3D00000b74cd3c6003%3AT%3D1666117642%3ART%3D1666117642%3AS%3DALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA&prev_fmts=0x0%2C1070x280%2C300x600%2C300x600%2C300x250&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&fsb=1&xpc=Zml3vKDMAg&p=http%3A//v1.liveisl.com&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 06:21:07 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame DB88 4 KB
636 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 18:24:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:23 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DB88 205 B
229 B 16ms
15ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:21:15 GMT
x-content-type-options: nosniff
age: 3968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Oct 2023 17:21:15 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DB88 604 B
628 B 17ms
16ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:20:18 GMT
x-content-type-options: nosniff
age: 4025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Oct 2023 17:20:18 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/ Frame DB88 19 KB
8 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 00:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8235
x-xss-protection: 0
server: cafe
etag: 7715946797152839796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 00:15:34 GMT

GET
H3 200 cc2fa6f05f6b7ab36f626f2501931c3a.js Show response
www.gstatic.com/mysidia/ Frame 8281 10 KB
4 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4312
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 23:46:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 9a8178d18d321307744a4c8ce46adea2.js Show response
www.gstatic.com/mysidia/ Frame 8281 10 KB
4 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9a8178d18d321307744a4c8ce46adea2.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311d6e0a623475d73c35b2a61232ef0621db876a120cf7069721cb04f06ad003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 07:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4293
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 07:10:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8281 8 KB
895 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:30:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 8281 2 KB
913 B 16ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 8281 23 KB
9 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 8281 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 17:53:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 8281 17 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8281 0
0 22ms
20ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8PkUwXTxPnFJLkfmvRlbOhQSmdj_7zdrGv7BgdU08zSRLGS7zcU4L53NTnJP9YqU0NLp-
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8281 152 KB
46 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:23 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 8281 33 KB
13 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F83C 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=1857815128&adf=1354072737&pi=t.ma~as.6901856940&w=1070&fwrn=4&fwrnh=100&lmt=1666115423&rafmt=1&format=1070x280&url=http%3A%2F%2Fv1.liveisl.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666117641741&bpp=3&bdt=237&idt=461&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4620595806669&frm=20&pv=1&ga_vid=474046002.1666117642&ga_sid=1666117642&ga_hid=155027656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=265&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070341%2C31070423%2C31068919&oid=2&pvsid=1438012196567694&tmod=1242647645&uas=0&nvt=1&ref=http%3A%2F%2Fv3.fullhdmatch.live%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=v4Z6UraZ3h&p=http%3A//v1.liveisl.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 06:21:07 GMT

GET
H/1.1 200
OK media_info.json Show response
111.90.158.152/mocitsarkalaif/ Frame 407C 618 B
1 KB 272ms
182ms Fetch
application/json 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/media_info.json
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 39c26a50bfd8e8587b38f7711fbebbedae8105e535d73128adeec2bff8abc272

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 149
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 242
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 618
X-Sid: b76e-4040-8224-dc6425b6f29d

GET
H/1.1 200
OK preview.mp4
111.90.158.152/mocitsarkalaif/ Frame 407C 169 KB
169 KB 245ms
164ms Image
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://111.90.158.152:8080/mocitsarkalaif/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Origin: http://111.90.158.152:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
X-Thumbnail-Utc: 1666116568
Last-Modified: Tue, 18-Oct-2022 18:09:28 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 110
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 390
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 172879
X-Sid: 634eebdb-5f1a-49a2-a3f0-d0c227322096

GET
H/1.1 206
Partial Content preview.mp4
111.90.158.152/mocitsarkalaif/ Frame 407C 169 KB
170 KB 285ms
172ms Media
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: fda343f34aee2d5ef34db727c0f1e549b26aa0ea1f702040aa232019d36059fe

Request headers

Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
X-Thumbnail-Utc: 1666116568
Last-Modified: Tue, 18-Oct-2022 18:09:28 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 125
Access-Control-Allow-Origin: *
Content-Range: bytes 0-172878/172879
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 157
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 172879
X-Sid: 634eebdb-5f1a-49a2-a3f0-d0c227322096

GET
H/1.1 206
Partial Content preview.mp4
111.90.158.152/mocitsarkalaif/ Frame 407C 169 KB
170 KB 305ms
173ms Media
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: fda343f34aee2d5ef34db727c0f1e549b26aa0ea1f702040aa232019d36059fe

Request headers

Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
X-Thumbnail-Utc: 1666116568
Last-Modified: Tue, 18-Oct-2022 18:09:28 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 113
Access-Control-Allow-Origin: *
Content-Range: bytes 0-172878/172879
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 171
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 172879
X-Sid: 634eebdb-5f1a-49a2-a3f0-d0c227322096

GET
H/1.1 200
OK media_info.json Show response
111.90.158.152/mocitsarkalaif/ Frame 7E82 618 B
1 KB 171ms
167ms Fetch
application/json 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/media_info.json
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 39c26a50bfd8e8587b38f7711fbebbedae8105e535d73128adeec2bff8abc272

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 284
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 72
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 618
X-Sid: b76e-4040-8224-dc6425b6f29d

GET
H/1.1 200
OK preview.mp4
111.90.158.152/mocitsarkalaif/ Frame 7E82 147 KB
147 KB 329ms
182ms Image
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://111.90.158.152:8080/mocitsarkalaif/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Origin: http://111.90.158.152:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
X-Thumbnail-Utc: 1666116568
Last-Modified: Tue, 18-Oct-2022 18:09:28 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 117
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 146
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 172879
X-Sid: 634eebdb-5f1a-49a2-a3f0-d0c227322096

GET
H3 200 css
fonts.googleapis.com/ Frame 7658 8 KB
895 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 18:18:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:27:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 7658 2 KB
913 B 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 7658 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 7658 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 17:53:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 7658 17 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7658 0
0 22ms
21ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRybqcOgwXLgDxURkqVUl4Fshshnu1uGqaAqrjPHPiRD4p5WMmP3QtiLSEFQLV346xlNiQ3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7658 152 KB
46 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:23 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 7658 33 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H/1.1 206
Partial Content preview.mp4
111.90.158.152/mocitsarkalaif/ Frame 7E82 169 KB
170 KB 180ms
168ms Media
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: fda343f34aee2d5ef34db727c0f1e549b26aa0ea1f702040aa232019d36059fe

Request headers

Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
X-Thumbnail-Utc: 1666116568
Last-Modified: Tue, 18-Oct-2022 18:09:28 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 113
Access-Control-Allow-Origin: *
Content-Range: bytes 0-172878/172879
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 141
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 172879
X-Sid: 634eebdb-5f1a-49a2-a3f0-d0c227322096

GET
H/1.1 206
Partial Content preview.mp4
111.90.158.152/mocitsarkalaif/ Frame 7E82 169 KB
170 KB 194ms
166ms Media
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: fda343f34aee2d5ef34db727c0f1e549b26aa0ea1f702040aa232019d36059fe

Request headers

Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
X-Thumbnail-Utc: 1666116568
Last-Modified: Tue, 18-Oct-2022 18:09:28 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 100
Access-Control-Allow-Origin: *
Content-Range: bytes 0-172878/172879
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 138
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 172879
X-Sid: 634eebdb-5f1a-49a2-a3f0-d0c227322096

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8281 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSkm-CvBOY9_DDtbsYtanjsAD4J_B02yrnbqG-Q_92urkgBAQASDnosJLYJXCpoKwB6AB56eY3wLIAQGpAgcrWdR5fLA-qAMByAPLBKoE1AFP0LUupFpTn71V9eGVYU7EBkUd2luzeqvip2rz0jxV3sVbPJvTQ-qoTlwgnDdzJVi21-DI69aVYRAbMsWskJ8bQLSjdYb0h3xmh0aiZ2x_4oUD_3w1CGWHg3nvTJSF3ULktjIhR_QGYGejNWhJk4B-W0VY2IJe8IxTWEnB4NNasOSKYVGhSnYKpwsvpkAwlhQHCgHPj0T29Pm44JcUpn0v-0FHgsST2I95_JAARPnH8HX0gB_sYFO-fEXd-C50bShsriy8GKMmMteAOmaFaIk2Y6LEzsAExdLh0OMDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB4HY56ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQov8M0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItODY5NTYxNTgwNTg0MzUxNRgA&sigh=v3Aq_-8NTvc&uach_m=[UACH]&cid=CAQSKQDq26N9pZYoj0aG0Kh5Egy62pzyc617oKC3lmEH9FFVw3ufOhzKCijqGAEgDg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:27:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8281 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99755ba65ab6685d4f906616e458708b1f4f520b04246a90cb4771298dcc5cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK media_info.json Show response
111.90.158.152/mlaliga/ Frame C648 597 B
1 KB 173ms
173ms Fetch
application/json 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/media_info.json
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: c5e3627b8257b3e793e1b9da27fa3cf1b6bf7e0d1b345688cdabb3464cddda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 154
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 271
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 597
X-Sid: b3a2-4295-9ba5-1000be0859ea

GET
H/1.1 200
OK preview.mp4
111.90.158.152/mlaliga/ Frame C648 51 KB
51 KB 173ms
172ms Image
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://111.90.158.152:8080/mlaliga/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://111.90.158.152:8080/mlaliga/embed.html
Origin: http://111.90.158.152:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
X-Thumbnail-Utc: 1666116620
Last-Modified: Tue, 18-Oct-2022 18:10:20 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 128
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 389
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 51791
X-Sid: 634eebdb-f6f2-406e-8a4a-52ea828aa374

GET
H/1.1 206
Partial Content preview.mp4
111.90.158.152/mlaliga/ Frame C648 51 KB
51 KB 171ms
170ms Media
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 40fdb9732d43d1c5e47ae0a15252023188566d65e4e431e2fbc69ef5c585eaf5

Request headers

Referer: http://111.90.158.152:8080/mlaliga/embed.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
X-Thumbnail-Utc: 1666116620
Last-Modified: Tue, 18-Oct-2022 18:10:20 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 113
Access-Control-Allow-Origin: *
Content-Range: bytes 0-51790/51791
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 124
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 51791
X-Sid: 634eebdb-f6f2-406e-8a4a-52ea828aa374

GET
H/1.1 206
Partial Content preview.mp4
111.90.158.152/mlaliga/ Frame C648 51 KB
51 KB 171ms
171ms Media
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 40fdb9732d43d1c5e47ae0a15252023188566d65e4e431e2fbc69ef5c585eaf5

Request headers

Referer: http://111.90.158.152:8080/mlaliga/embed.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
X-Thumbnail-Utc: 1666116620
Last-Modified: Tue, 18-Oct-2022 18:10:20 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 116
Access-Control-Allow-Origin: *
Content-Range: bytes 0-51790/51791
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 149
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 51791
X-Sid: 634eebdb-f6f2-406e-8a4a-52ea828aa374

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 78C5 36 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 06:21:07 GMT

GET
H/1.1 200
OK media_info.json Show response
111.90.158.152/mlaliga/ Frame C265 597 B
1 KB 172ms
172ms Fetch
application/json 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/media_info.json
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: c5e3627b8257b3e793e1b9da27fa3cf1b6bf7e0d1b345688cdabb3464cddda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 198
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 69
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 597
X-Sid: b3a2-4295-9ba5-1000be0859ea

GET
H/1.1 200
OK preview.mp4
111.90.158.152/mlaliga/ Frame C265 51 KB
51 KB 173ms
173ms Image
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://111.90.158.152:8080/mlaliga/preview.mp4
Requested by: Host: v1.liveisl.com
URL: http://v1.liveisl.com/
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://111.90.158.152:8080/mlaliga/embed.html
Origin: http://111.90.158.152:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
X-Thumbnail-Utc: 1666116620
Last-Modified: Tue, 18-Oct-2022 18:10:20 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 156
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 92
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 51791
X-Sid: 634eebdb-f6f2-406e-8a4a-52ea828aa374

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 32ms
32ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221013&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e216162ae022f1469057ee90df869ac8fa481a66e14053444b2382755ce915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11133
x-xss-protection: 0

GET
H/1.1 200
OK index.mpd Show response
111.90.158.152/mocitsarkalaif/ Frame 407C 2 KB
3 KB 190ms
190ms Fetch
application/dash+xml 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/index.mpd
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 92a3da7e023faa5efdb821376847fc63adcf870f6a266382c5a047cb391d140b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 18:31:55 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 118
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 614
Cache-Control: no-cache
Content-Type: application/dash+xml
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2182
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK index.m3u8 Show response
111.90.158.152/mlaliga/ Frame C648 182 B
876 B 169ms
166ms XHR
application/vnd.apple.mpegurl 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/index.m3u8
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 84629f054c51c83949720ba6d3a6c2b96a2fbed56cc1998f6d6a4d0217fd70b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:55 GMT
Content-Encoding: gzip
X-Run-Time: 109
X-Prepare-Time: 98
Connection: keep-alive
Content-Length: 176
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728
Pragma: no-cache
X-Media-Info-Time: 9
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 89
Cache-Control: no-cache
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid

GET
H/1.1 206
Partial Content preview.mp4
111.90.158.152/mlaliga/ Frame C265 51 KB
51 KB 334ms
167ms Media
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/preview.mp4
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 40fdb9732d43d1c5e47ae0a15252023188566d65e4e431e2fbc69ef5c585eaf5

Request headers

Referer: http://111.90.158.152:8080/mlaliga/embed.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
X-Thumbnail-Utc: 1666116620
Last-Modified: Tue, 18-Oct-2022 18:10:20 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 136
Access-Control-Allow-Origin: *
Content-Range: bytes 0-51790/51791
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 139
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 51791
X-Sid: 634eebdb-f6f2-406e-8a4a-52ea828aa374

GET
H/1.1 206
Partial Content preview.mp4
111.90.158.152/mlaliga/ Frame C265 12 KB
0 363ms
186ms Media
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/preview.mp4
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash

Request headers

Referer: http://111.90.158.152:8080/mlaliga/embed.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
X-Thumbnail-Utc: 1666116620
Last-Modified: Tue, 18-Oct-2022 18:10:20 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 198
Access-Control-Allow-Origin: *
Content-Range: bytes 0-51790/51791
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 302
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 51791
X-Sid: 634eebdb-f6f2-406e-8a4a-52ea828aa374

GET
H/1.1 200
OK index.mpd Show response
111.90.158.152/mocitsarkalaif/ Frame 7E82 2 KB
3 KB 279ms
172ms Fetch
application/dash+xml 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/index.mpd
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 92a3da7e023faa5efdb821376847fc63adcf870f6a266382c5a047cb391d140b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 135
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 121
Cache-Control: no-cache
Content-Type: application/dash+xml
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2182
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:27:24 GMT

GET
H/1.1 200
OK index.m3u8 Show response
111.90.158.152/mlaliga/ Frame C265 182 B
877 B 235ms
173ms XHR
application/vnd.apple.mpegurl 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/index.m3u8
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 84629f054c51c83949720ba6d3a6c2b96a2fbed56cc1998f6d6a4d0217fd70b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Content-Encoding: gzip
X-Run-Time: 53
X-Prepare-Time: 39
Connection: keep-alive
Content-Length: 176
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728
Pragma: no-cache
X-Media-Info-Time: 11
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 127
Cache-Control: no-cache
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3E29 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOj8F2c6eF5gcDq-a7PEDVB1tLD4PHO4G1OC82StfESzNZwxdr7M3lyYzL80iY7dbxGXDXNDMP-0MZhe5v_6I_pvrTAhx3OGrNnYW-ZXYSwgkGg_j8gC_nkNcrcU8a-OCOBWaAUg&sai=AMfl-YQLSPt4tLeqQBQQ0Nk0wqP364lR94TDMv9FexTEUQzYFNPhncoCDt1AMAulHy7udkv6CLIGPQ2qZrKtPkgkLCZHIvrZXW6DK38B7hdw7FJ04th66NW9k4Cy1bpBbw&sig=Cg0ArKJSzFnHYR47FKRfEAE&cid=CAQSOwDq26N9XG-om3JN4W7KbvdS7HUa8qjWRNoec5SFoSk69BzXxeoBs5nCUlgRge2pKu-XHhgvh2kVCDVJGAEgDg&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=22&adk=337926735&rs=2&la=1&cr=0&vs=4&r=v&rst=1666117642357&rpt=1097&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F143 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:18:39 GMT
expires: Wed, 18 Oct 2023 18:18:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FC54 783 B
534 B 24ms
24ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d61e4df77c6afcd42d14f58baf04f4791ef8831e064063b29b831045402755b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yeVh4wDhC68Ihcvek_NkHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://v1.liveisl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-yeVh4wDhC68Ihcvek_NkHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:27:24 GMT
expires: Tue, 18 Oct 2022 18:27:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK mono.m3u8 Show response
111.90.158.152/mlaliga/tracks-v1a1/ Frame C648 303 B
831 B 188ms
188ms XHR
application/vnd.apple.mpegurl 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/tracks-v1a1/mono.m3u8
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: ec418832f81757f2dabdeb42c3a92003efa4a7cdfc82bc075c024f54c45314e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Content-Encoding: gzip
X-Run-Time: 28
Connection: keep-alive
Content-Length: 158
X-Cached: yes
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728
Pragma: no-cache
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 199
Cache-Control: no-cache
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FC54 0
0 48ms
47ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221013&jk=1438012196567694&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F143 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 06:21:07 GMT

GET
H/1.1 200
OK init.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-a1/ Frame 407C 649 B
1 KB 250ms
171ms Fetch
audio/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-a1/init.m4v
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 3e6a2e34d8912d3fdf01daac1b8023938758575571ce91611f09ff8aefc55a90

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 38
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 146
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 649
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK init.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-v1/ Frame 407C 763 B
1 KB 277ms
164ms Fetch
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-v1/init.m4v
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: efb765a1617179ffe3d4edd370b9bb59a9258000dfe9cf2ff5b45be8da31ee75

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 53
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 120
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 763
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK init.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-a1/ Frame 7E82 649 B
1 KB 204ms
172ms Fetch
audio/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-a1/init.m4v
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 3e6a2e34d8912d3fdf01daac1b8023938758575571ce91611f09ff8aefc55a90

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 41
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 116
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 649
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK init.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-v1/ Frame 7E82 763 B
1 KB 263ms
188ms Fetch
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-v1/init.m4v
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: efb765a1617179ffe3d4edd370b9bb59a9258000dfe9cf2ff5b45be8da31ee75

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 79
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 149
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 763
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F143 0
12 B 14ms
14ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DBsWtw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:27:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK mono.m3u8 Show response
111.90.158.152/mlaliga/tracks-v1a1/ Frame C265 303 B
831 B 282ms
171ms XHR
application/vnd.apple.mpegurl 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/tracks-v1a1/mono.m3u8
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: ec418832f81757f2dabdeb42c3a92003efa4a7cdfc82bc075c024f54c45314e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Content-Encoding: gzip
X-Run-Time: 49
Connection: keep-alive
Content-Length: 158
X-Cached: yes
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728
Pragma: no-cache
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 278
Cache-Control: no-cache
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D506 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlXD5e6CTVqtQpeVjwgyx11VPkyOim1obV3LuS2vJjF1OUyn3oZHBLisr0RulGPUR4SucNPwPMEhElRpMNFYU1z1R0htyxxYB1O5hyLMaUPWhbjfY1lilEVJ5S2ze1hPTBxuY1FA&sai=AMfl-YQqc_EnIEAGCgi1EEknlYiEwTfafN4zlps8AlMA-8lXaFDBCUrtVt7l-5xmgNUOQNbsdszyK6pUO9p1YmfykGF3KT8ssAV19ipHsw&sig=Cg0ArKJSzGiqVyHXA2hLEAE&cid=CAQSKQDq26N98QYKQw2ESltS2Nxoo-g_l_j2CHX8feXSfVlxRSqtWITgnSDbGAEgDg&id=lidar2&mcvt=1021&p=0,0,280,1070&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1857815128&rs=2&la=1&cr=0&vs=4&r=v&rst=1666117642215&rpt=1336&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 10-05000.ts Show response
111.90.158.152/mlaliga/tracks-v1a1/2022/10/18/18/10/ Frame C648 1019 KB
1020 KB 272ms
165ms XHR
video/mp2t 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/tracks-v1a1/2022/10/18/18/10/10-05000.ts
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 8362ddb41ad6c8de8d57428d543f7c8e275359a8bd65aa03eb281e7ee78b1682

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
X-Memory: yes
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 119
Access-Control-Allow-Origin: *
X-Just-Generated: false
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 203
Content-Type: video/MP2T
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 1043776
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728

GET
H/1.1 200
OK seg-1666113984-20398.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-a1/ Frame 407C 94 KB
95 KB 215ms
175ms Fetch
audio/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-a1/seg-1666113984-20398.m4v?t=2566038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 9ae547d873d0757ff807c4550057922a97896b048829deac4a75bb867714d245

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 1861
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 264
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 96723
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK seg-1666113984-20398.m4v
111.90.158.152/mocitsarkalaif/tracks-v1/ Frame 407C 1 MB
0 261ms
190ms Fetch
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-v1/seg-1666113984-20398.m4v?t=2566038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 2020
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 154
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2624262
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK seg-1666113984-20398.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-a1/ Frame 7E82 94 KB
95 KB 250ms
191ms Fetch
audio/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-a1/seg-1666113984-20398.m4v?t=2566038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 9ae547d873d0757ff807c4550057922a97896b048829deac4a75bb867714d245

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 2183
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 240
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 96723
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK seg-1666113984-20398.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-v1/ Frame 7E82 3 MB
3 MB 239ms
175ms Fetch
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-v1/seg-1666113984-20398.m4v?t=2566038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: b5288a94e5c345b0e965023a09197f7b20c79c18bb8f310419acd30bc6cd1f3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 1885
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 114
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2624262
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK 10-05000.ts Show response
111.90.158.152/mlaliga/tracks-v1a1/2022/10/18/18/10/ Frame C265 1019 KB
1020 KB 220ms
173ms XHR
video/mp2t 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/tracks-v1a1/2022/10/18/18/10/10-05000.ts
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 8362ddb41ad6c8de8d57428d543f7c8e275359a8bd65aa03eb281e7ee78b1682

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
X-Memory: yes
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 227
Access-Control-Allow-Origin: *
X-Just-Generated: false
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 101
Content-Type: video/MP2T
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 1043776
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728

GET
H/1.1 200
OK seg-1666113984-20399.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-a1/ Frame 407C 94 KB
95 KB 268ms
189ms Fetch
audio/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-a1/seg-1666113984-20399.m4v?t=2572038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 870edf443f59221efe805992e7cabeaa4a3fdcfc04c4107b52811da7db594444

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 887
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 250
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 96421
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK seg-1666113984-20399.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-a1/ Frame 7E82 94 KB
95 KB 285ms
170ms Fetch
audio/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-a1/seg-1666113984-20399.m4v?t=2572038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 870edf443f59221efe805992e7cabeaa4a3fdcfc04c4107b52811da7db594444

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 772
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 162
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 96421
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8281 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulaNOV4R8QshbBVQreXDrwn6arxusiIPiiA-YjzG1t7vBS65fjVWal6XbDpXPDTgwX4PRuANjTr4QyWbrA8S1TAKcM9F8l8blEQNnAFMdak1Sd7BvaSVJBBzo27ItClQMHg13e3w&sai=AMfl-YTc_Av6S7r76OxDwljh37qxP0anADazJDLxnwq-Z3E2jZITGdVQW0sUVJx_LBjeCCD6CFMil0UKukOWHlIS3Dvzb4-i8wTRtNoUKw&sig=Cg0ArKJSzDwMxE4GTAqBEAE&cid=CAQSKQDq26N9pZYoj0aG0Kh5Egy62pzyc617oKC3lmEH9FFVw3ufOhzKCijqGAEgDg&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=502,1000,1000,1000,1000&tos=502,498,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1666117643416&rpt=797&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:27:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221013&jk=1438012196567694&bg=!MDOlM3fNAAYeOJy_Pjg7ACkAdvg8Wn0-ctoZK6YFrWwrFN6Qdr_-8Kg4OdRUjLKA7UCSlVvGMU8gYQIAAACDUgAAAAJoAQcKACPXeawC7zApOHfm4YYkfJhddq-ydDXGpfDumHuQY8I1k7GNppkCnrTrSu6HccR2vl0duedsvGJfVRZABcIwkzqJgx7a34wsBUJ64VVfWVdPUIYo-AdRUwkPQ7-PigLp7N1eZZNDv-q7CF-2_-Z6S28PcHrHfMjo3Xty-bW4FuvHDZPyS0Lt3glFYf0BDTlu4Hmhc0UnyraUXczobvJXcDq9gC1RfoTN6HlwB-CkFrYo7wCK2_isP0fvo5-EabqxYRVfvodljBtu4jFY05nXw1F0DW4a1-47dEynEp_n_BulQkzeOrbdk7vs7jo6B43Yah8b2ob-yWgH5BNtc_GRoeb_SYKXO1ZBOf9zsdRz9dcIBePNPQG3wsmSypKzY4Hp2WMV4qIFdk5l7EF-EcCf5tO2S5xvUBn1Jlo3ccltYsWFHz9laKEzJaRxua-CTPl8htMaXXf2KCfESmdhYgCIVZvvXOcozfbzX9VLaEGoQT6XLW-iWPNPINl-GNBgKRlpQvi1C0xxJAQom2LKoNxXqea7QN4xANybwDyAgctSs_HOF46h8neBatuWEL7krehEBIt5Hn9qEXNsFvWSfwm672L84gkpVgse_uByjK70JsMUKx4G9J15NrzGE7bddFCc0Ss3z5NlDk_VOfAZI2Oz50gHgEXcPOiWhTuPzuGrOS6saCXgD1cSf6d_NJjs9H3QwOKPtDBHmZT_Zr9Ae39FuZDSmjz8_gB3YfnvBJ6dgu2i64RNgKa8p6i5BRq3xHGMlEaNTKGfR63pHLfw1_0UsgHjQAlGkVM2NPt3mlusLqBtXeLlmSrYCQDAE-t1OPP8aNfYVfmOQNXOeP8OqdCipnNBM8vytlEmvnXbXfL2sAAKF3nCVmcJAukAdEjZKVputgVrs0UvcuRVipUd0Ox21UAyFrp4nEW-MH0N5J_4WRADZJoc3yk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.liveisl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H/1.1 200
OK init.m4v Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-a1/ Frame 2E4D 649 B
1 KB 45ms
45ms Fetch
audio/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-a1/init.m4v
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 7ffa1e245e1050c5b2f786df681570610aa49ba99026ea88eeeae83768e7c577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:24 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 100
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 185
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 649
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
H/1.1 200
OK init.m4v Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-v1/ Frame 2E4D 763 B
1 KB 47ms
46ms Fetch
video/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-v1/init.m4v
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 3b5e6fec22c21922dfd2154738bd147b1fdb6a9a6b88cb4afdd7284a366ad177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:24 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 63
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 248
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 763
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
H/1.1 200
OK seg-1666117026-21706.m4v Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-a1/ Frame 2E4D 90 KB
91 KB 101ms
101ms Fetch
audio/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-a1/seg-1666117026-21706.m4v?t=340504
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 293706913a4e472e4e452a1db825126764514d923c697b1801b6981d644a360f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:24 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 7208
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 1107
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 92495
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
H/1.1 200
OK seg-1666113984-20400.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-a1/ Frame 407C 94 KB
95 KB 199ms
199ms Fetch
audio/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-a1/seg-1666113984-20400.m4v?t=2578038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 283b2299499c0e6cecc8d6f97785787987d06368e5513b646bdeefc0f7d6bd11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:56 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 867
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 242
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 96339
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK seg-1666117026-21706.m4v Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-v1/ Frame 2E4D 1 MB
1 MB 101ms
101ms Fetch
video/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-v1/seg-1666117026-21706.m4v?t=340504
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: c7b65c03d60db7c5aad8a05654c8ab584b87bb9bfb230d094d7073a453a4ab5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:24 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 5946
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 2802
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 1078609
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
H/1.1 200
OK seg-1666113984-20400.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-a1/ Frame 7E82 94 KB
95 KB 169ms
169ms Fetch
audio/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-a1/seg-1666113984-20400.m4v?t=2578038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 283b2299499c0e6cecc8d6f97785787987d06368e5513b646bdeefc0f7d6bd11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:57 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 771
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 104
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 96339
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK seg-1666117026-21707.m4v Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-a1/ Frame 2E4D 90 KB
91 KB 299ms
298ms Fetch
audio/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-a1/seg-1666117026-21707.m4v?t=346264
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 860f6849405ded0f1a3355ee55e903d33574b5bb5344535f6000d780ffd6eadc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:25 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 1598
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 667
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 92654
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
BLOB 200
OK b14101cb-9811-4046-a1bb-6e6955d6e1a2
http://111.90.158.152:8080/ Frame C265 87 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://111.90.158.152:8080/b14101cb-9811-4046-a1bb-6e6955d6e1a2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5f793203c48c6859d6ebddcac6b82af63b602decbb17d18f3bb58f3e5c71a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 89145
Content-Type: text/javascript

GET
H/1.1 200
OK 15-05000.ts Show response
111.90.158.152/mlaliga/tracks-v1a1/2022/10/18/18/10/ Frame C265 1 MB
1 MB 173ms
173ms XHR
video/mp2t 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/tracks-v1a1/2022/10/18/18/10/15-05000.ts
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: ad15da7b2254e02ef6735e5ab28b8acf6f11c916eb164cdc9c0803c643e6a20f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:57 GMT
Server: Streamer 22.10
X-Memory: yes
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 97
Access-Control-Allow-Origin: *
X-Just-Generated: false
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 262
Content-Type: video/MP2T
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 1067840
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728

GET
H/1.1 200
OK seg-1666117026-21707.m4v Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-v1/ Frame 2E4D 1 MB
1 MB 48ms
48ms Fetch
video/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-v1/seg-1666117026-21707.m4v?t=346264
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: f85b4a17dbb3ad29c77ffdce7c5604d4888acfc880ecf6d51e488b378223fbff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:25 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 2052
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 353
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 1098528
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
H/1.1 200
OK seg-1666113984-20399.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-v1/ Frame 7E82 2 MB
2 MB 174ms
173ms Fetch
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-v1/seg-1666113984-20399.m4v?t=2572038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 5c103acd82c9d3dfb4d914f471822e0e8c132e0a7d4eff1ab1905ae0cb593756

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:57 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 1292
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 174
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2614133
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK seg-1666117026-21708.m4v Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-v1/ Frame 2E4D 1 MB
1 MB 48ms
47ms Fetch
video/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-v1/seg-1666117026-21708.m4v?t=352024
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: c5b39b79333187d9e4c63bd67c5cde42dfe4e9fa1b239d2ae38ae051e1a78192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:25 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 1805
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 256
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 1067144
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
H/1.1 200
OK seg-1666117026-21708.m4v Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-a1/ Frame 2E4D 90 KB
91 KB 46ms
46ms Fetch
audio/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-a1/seg-1666117026-21708.m4v?t=352024
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 789d44466608e5d2de16f5caf6aad55f0afc446952f8810b069d7d01a3066878

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:26 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 1420
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 300
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 92636
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
H/1.1 200
OK seg-1666113984-20400.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-v1/ Frame 7E82 3 MB
3 MB 174ms
174ms Fetch
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-v1/seg-1666113984-20400.m4v?t=2578038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 927550b942ae6c680462d1661a5dbf8b35b8ae0c0244c35ba83ba59342f8b77f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:58 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 1664
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 193
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2624569
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
BLOB 200
OK 6d4a8dd2-a2fe-4362-be98-5c6d5a160826
http://111.90.158.152:8080/ Frame C648 87 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://111.90.158.152:8080/6d4a8dd2-a2fe-4362-be98-5c6d5a160826
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5f793203c48c6859d6ebddcac6b82af63b602decbb17d18f3bb58f3e5c71a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 89145
Content-Type: text/javascript

GET
H/1.1 200
OK 15-05000.ts
111.90.158.152/mlaliga/tracks-v1a1/2022/10/18/18/10/ Frame C648 445 KB
0 165ms
164ms XHR
video/mp2t 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/tracks-v1a1/2022/10/18/18/10/15-05000.ts
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:59 GMT
Server: Streamer 22.10
X-Memory: yes
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 47
Access-Control-Allow-Origin: *
X-Just-Generated: false
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 217
Content-Type: video/MP2T
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 1067840
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728

GET
H/1.1 200
OK seg-1666113984-20401.m4v Show response
111.90.158.152/mocitsarkalaif/tracks-a1/ Frame 7E82 97 KB
98 KB 191ms
190ms Fetch
audio/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-a1/seg-1666113984-20401.m4v?t=2584038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: 1cc16d14ad5b55f1bb1e8eb538bc58e4e07b19105899b3f521aed0c7936c8c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:31:59 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 1140
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 311
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 99479
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK index.mpd Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/ Frame 2E4D 2 KB
3 KB 46ms
45ms Fetch
application/dash+xml 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/index.mpd
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 305d9987821a1fe61a86a686f9b65385b0c65a78c32961af2a7b24eee7cc7741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 18:27:27 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 129
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 195
Cache-Control: no-cache
Content-Type: application/dash+xml
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2132
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
H/1.1 200
OK seg-1666117026-21709.m4v Show response
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-a1/ Frame 2E4D 90 KB
91 KB 89ms
88ms Fetch
audio/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-a1/seg-1666117026-21709.m4v?t=357784
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash: 2fba08697736a89ee1658ac9dafb2bcb80aec821cc42d42c99c88577b804e379

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:27 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 1394
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 766
Content-Type: audio/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 92592
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
H/1.1 200
OK seg-1666117026-21709.m4v
e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-v1/ Frame 2E4D 1 MB
1 MB 96ms
96ms Fetch
video/mp4 89.104.117.213
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/tracks-v1/seg-1666117026-21709.m4v?t=357784
Requested by: Host: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/flu/player/shaka-player.68f6824339b990e2d52f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.104.117.213 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: Streamer 22.08.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:27:27 GMT
Server: Streamer 22.08.1
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 2261
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 293
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 1132008
X-Sid: 634ef00b-f697-4f99-ba4c-c3c2c731b9d3

GET
H/1.1 200
OK index.mpd Show response
111.90.158.152/mocitsarkalaif/ Frame 407C 2 KB
3 KB 188ms
188ms Fetch
application/dash+xml 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/index.mpd
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: a806b4c04bc4cfc3560f0378abde0d9206a1dfe45a9e0026a46c96c0ea457e59

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 18:32:00 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 89
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 101
Cache-Control: no-cache
Content-Type: application/dash+xml
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2216
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK index.mpd Show response
111.90.158.152/mocitsarkalaif/ Frame 7E82 2 KB
3 KB 172ms
172ms Fetch
application/dash+xml 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/index.mpd
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash: a806b4c04bc4cfc3560f0378abde0d9206a1dfe45a9e0026a46c96c0ea457e59

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 18:32:00 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 78
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 83
Cache-Control: no-cache
Content-Type: application/dash+xml
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2216
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK seg-1666113984-20401.m4v
111.90.158.152/mocitsarkalaif/tracks-v1/ Frame 7E82 75 KB
0 180ms
180ms Fetch
video/mp4 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mocitsarkalaif/tracks-v1/seg-1666113984-20401.m4v?t=2584038
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/shaka-player.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:32:00 GMT
Server: Streamer 22.10
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 2434
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 113
Content-Type: video/mp4
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 2741784
X-Sid: 634eebdb-d034-44a8-bcfb-b8b236c47fb6

GET
H/1.1 200
OK 20-05000.ts
111.90.158.152/mlaliga/tracks-v1a1/2022/10/18/18/10/ Frame C265 30 KB
0 166ms
166ms XHR
video/mp2t 111.90.158.152
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://111.90.158.152:8080/mlaliga/tracks-v1a1/2022/10/18/18/10/20-05000.ts
Requested by: Host: 111.90.158.152
URL: http://111.90.158.152:8080/flu/player/main.b52cd07e8ae9526c861a.js
Protocol: HTTP/1.1
Server: 111.90.158.152 Kajang, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: Streamer 22.10 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://111.90.158.152:8080/mlaliga/embed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 18:32:00 GMT
Server: Streamer 22.10
X-Memory: yes
Access-Control-Allow-Methods: GET, PUT, DELETE, OPTIONS
X-Run-Time: 55
Access-Control-Allow-Origin: *
X-Just-Generated: false
Access-Control-Expose-Headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
X-Route-Time: 140
Content-Type: video/MP2T
Connection: keep-alive
Access-Control-Allow-Headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
Content-Length: 968576
X-Sid: 634eebd9-a4fd-4b21-bc0a-8e6c15a1c728

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4705513&@f16&@g1&@h1&@i1&@j1666117639222&@k0&@l1&@mFullHDMatch.Live%20%7C%20Watch%20Live%20Football%20Match%20%3B%20Highlights%20%7C%20Watch%20Full%20Football%20Matches&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:9586861&@b3:1666117639&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fv3.fullhdmatch.live%2F&@w

Domain: c.bing.com
URL: https://c.bing.com/c.gif?CtsSyncId=AEF80FFACDDE446890497A94D9D85FA8&RedC=c.clarity.ms&MXFR=2ED97E9C20A1683F29636CDD24A16690

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TE2HPRNHSJ&gtm=2oeah0&_p=1359530120&cid=879531801.1666117639&ul=en-us&sr=1600x1200&_s=2&sid=1666117639&sct=1&seg=0&dl=http%3A%2F%2Fv3.fullhdmatch.live%2F&dt=FullHDMatch.Live%20%7C%20Watch%20Live%20Football%20Match%20%3B%20Highlights%20%7C%20Watch%20Full%20Football%20Matches&en=user_engagement&_et=2223

Domain: i.clarity.ms
URL: https://i.clarity.ms/collect

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPMX213vPTv-HHSGf6EpffeJhPog59yx-GE_cRZ_BVGDxjtR7Yinfb6qytuy5JJaN5uBVrg-c2gcKknPRBY2bPrAxvf2mmqeDHxIsYQPVSzkNkdQThHybGMOfzV1Ot7SWc8WtvEQ&sai=AMfl-YQzWAWk45-k9-toVhEla5HMPKXMOjA6o9WDSfmwP3pvMNVKL4c25QO3XhLOJaNZ1Qfw1olMUhi5YfuYAKc&sig=Cg0ArKJSzL2AQm1ps7GxEAE&cid=CAQSGwDq26N9-J0p0dV10AYx_-OKY9UIPysn5nCpHRgBIA4&id=lidartos&mcvt=729&p=0,0,280,1058&mtos=729,729,729,729,729&tos=729,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2242244602&rs=2&la=1&cr=0&vs=3&r=b&rst=1666117639475&rpt=1248&ec=0&met=mue&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujPOzI0mErngYhpxVaYycMGHqz3E2KyVbU61tXSmXsMnzDWCKh6ch1Nm9upTiW9avVDmXNOPUa56wA5GIoT8fSeteQw5av6WGdykRKEp2PTvbbBxrGPt9FYTC9tC2kWNB1SexTug&sai=AMfl-YSD5OktfAD0YAH5D3yirI3k7wrGCCsd-V5BcLSXrOEX-5k3tS-0dJvMu_FOoLkXqj1mTCOpcivAlogSjJA&sig=Cg0ArKJSzGegSa6QFPGFEAE&cid=CAQSGwDq26N9WMzaPIODJ_X0eMPIFAfLAXdmPt2l0BgBIA4&id=ampeos&o=1029,649&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=616&mtos=0,0,616,616,616&tos=0,0,616,0,0&tfs=1367&tls=1983&g=91.8333351612091&h=91.8333351612091&pt=1202&tt=1983&rpt=1202&rst=1666117639502&r=de&isd=inside&msd=inside&avms=ampa

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPim-hMdET61x4EEde8rOPXQDdJ_apMw05Qf9Ip7DBdhgm9TKZhqdj7R2k9NPPDKWEf39n0RXhYboyyA4j40sZwwT_wZTavBAc1qPfWvAPW_rT45qS-aCriQU8_R7xlk-1kM8DKct7bSHV1_HkMW1Ay4B7pKENwDVXZvVVadNdNPpLbGuoDRccJUYiv7ly3gr8Rv8rb7g8L6BSxtf5_lMCLBdBSsTBjM_SqUMl81Dq73oYizU_hr_qSjpIbk5h2yi53x_P9Cz8qCXGtWk-wlcxmNIdG4aAxc3NPXnB9bDwOQVKfU89juTTG2KLgND-rILIJEI7K_VeprMVpySU79I_4ki8tdfRIHNTMMTXsDOOif6lfqJYLdyPby0JisNMzUfdJD0N20hhXffGeHU5eSP4I7ehgWGA-6QnD4TPbI3t6RErkxJBmor5VKjpftpgSP-wjdcbcXoLanQxQ-uFsKmrveqqWAk2S8C0W3D2MpcLRiUeY3efxvBmb3I9lUkibNnp7HWaHmO7JNLKpbk7otLbtgzYrpOOgxHXixiWj3SGgH3qdoi527SUZxQ3n66bgY8k6Stmx8uefH7d6UDEf4w7q4SYSk9VdZ1dQQA4USb2w3Pa-9VH-5p9PvlHEeuN6dQgvCxpoq5d9NpwCysnq-is-NOG1aOApqaBicxGZGaTdyxY32Jl1c6jOvJqEJ8M2h-BH0IFkZtYdgzwEjbayeWvtCXchfXPb1MbAzTB0-JyDcRFHYL4auNe8xCAe2_FHXJbQQC0F-Ww_-xI0gjQoVNOpyJRCFfmRolmfPFriwDZ4DwVT0Mmy44rJ0C7-cKtGNEcJDxWDqoU2CzJOaUcmvVPrYeXH2b-f3A_WH-qb_uxW6Ib0-0rEal4p_aaS6sbLBwk8x8cW404-XrfpoIhgIKTY3ZPgxgyVdGgCwQsMdH6hnVoBYlfRGGNfvVlu8zs32sJs5CiL8DTIKFap6bAEvWoUKjFMzmmbg_TKLQU7nh9BAEJoBVrgJiIvVsDtJ3BVEzTAe-DVMArUp7KwtaN-xR1Hai7Zu0AFkuSXrrXg-U-AQ&sai=AMfl-YTmMVtzLpAEPkH4BPGOoq0T8jN1JUzHkf45GdLxmwsA_Qq4NPxu5J_mC6JPsGtTszZ6JtaYtFoUAhRQ6phE4v-AUeGoPt2a0H9l&sig=Cg0ArKJSzJ3EZB8J5dV0EAE&cid=CAQSGwDq26N99TBc0x4V1mEZUhBBlLpCGkK3Ee0fGRgBIA4&id=lidartos&mcvt=626&p=0,0,124,1005&mtos=0,626,626,626,626&tos=0,626,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=3&r=b&rst=1666117640218&rpt=627&ec=0&met=mue&wmsd=0

Domain: 111.90.158.152
URL: http://111.90.158.152:8080/mocitsarkalaif/embed.html?proto=dash

Domain: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html

Domain: 111.90.158.152
URL: http://111.90.158.152:8080/mlaliga/embed.html

Domain: e1.play-flussonic.cloud
URL: https://e1.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

Domain: e2.play-flussonic.cloud
URL: https://e2.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

Domain: e2.play-flussonic.cloud
URL: https://e2.play-flussonic.cloud/sasv6DGQdk8-qRe122IQdk8/embed.html?proto=dash

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
v3.fullhdmatch.live/	1970-01-20 15:34:13	Name: HstCfa4705513 Value: 1666117639222
v3.fullhdmatch.live/	1970-01-20 15:34:13	Name: HstCla4705513 Value: 1666117639222
v3.fullhdmatch.live/	1970-01-20 15:34:13	Name: HstCmu4705513 Value: 1666117639222
v3.fullhdmatch.live/	1970-01-20 15:34:13	Name: HstPn4705513 Value: 1
v3.fullhdmatch.live/	1970-01-20 15:34:13	Name: HstPt4705513 Value: 1
v3.fullhdmatch.live/	1970-01-20 15:34:13	Name: HstCnv4705513 Value: 1
v3.fullhdmatch.live/	1970-01-20 15:34:13	Name: HstCns4705513 Value: 1
.fullhdmatch.live/	1970-01-20 16:24:37	Name: _ga Value: GA1.2.879531801.1666117639
.fullhdmatch.live/	1970-01-20 06:50:04	Name: _gid Value: GA1.2.1864351887.1666117639
.fullhdmatch.live/	1970-01-20 06:48:37	Name: _gat_gtag_UA_128386009_12 Value: 1
.fullhdmatch.live/	1970-01-20 06:48:37	Name: _gat_blogger Value: 1
www.clarity.ms/	1970-01-20 15:34:13	Name: CLID Value: f687bf3b5d7447f18d5cad199987b286.20221018.20231018
.fullhdmatch.live/	1970-01-20 16:10:13	Name: __gads Value: ID=5313a85c40166017-22635d704ace00f7:T=1666117639:RT=1666117639:S=ALNI_Majc7HfFF4aQUY-1rUOoNQyWMi72Q
.fullhdmatch.live/	1970-01-20 16:10:13	Name: __gpi Value: UID=00000b74cc85ed9f:T=1666117639:RT=1666117639:S=ALNI_MazADhtQhUpIC-S0qklRDwqW7DkIg
.fullhdmatch.live/	1970-01-20 15:34:13	Name: _clck Value: 1o5lkz0\|1\|f5t\|0
.fullhdmatch.live/	1970-01-20 06:50:04	Name: _clsk Value: 13neybp\|1666117640328\|1\|1\|i.clarity.ms/collect
.doubleclick.net/	1970-01-20 16:10:13	Name: IDE Value: AHWqTUmCivi7FeiNrVQX7PMWzEmbv_opWiaEtmf59VI9N6l7zMj2bt3nVeRjbxpPvD4
.doubleclick.net/	1970-01-20 06:48:41	Name: DSID Value: NO_DATA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: T
.clarity.ms/	1970-01-20 16:10:13	Name: MUID Value: 2ED97E9C20A1683F29636CDD24A16690
.fullhdmatch.live/	1970-01-20 16:24:37	Name: _ga_TE2HPRNHSJ Value: GS1.1.1666117639.1.0.1666117641.0.0.0
.liveisl.com/	1970-01-20 16:24:37	Name: _ga Value: GA1.2.474046002.1666117642
.liveisl.com/	1970-01-20 06:50:04	Name: _gid Value: GA1.2.1902646774.1666117642
.liveisl.com/	1970-01-20 06:48:37	Name: _gat_gtag_UA_128386009_14 Value: 1
.liveisl.com/	1970-01-20 16:10:13	Name: __gads Value: ID=15f31edc2a33f86c-22fc8a0b4ace00d9:T=1666117642:RT=1666117642:S=ALNI_MZfqHSQJ58OqsnJ4ejm0I5AGpDzyw
.liveisl.com/	1970-01-20 16:10:13	Name: __gpi Value: UID=00000b74cd3c6003:T=1666117642:RT=1666117642:S=ALNI_MZvS0hdo7qNRUbT-yyvxHt5KZPLTA

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s4.histats.com/stats/0.php?4705513&@f16&@g1&@h1&@i1&@j1666117639222&@k0&@l1&@mFullHDMatch.Live%20%7C%20Watch%20Live%20Football%20Match%20%3B%20Highlights%20%7C%20Watch%20Full%20Football%20Matches&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:9586861&@b3:1666117639&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fv3.fullhdmatch.live%2F&@w Message: Failed to load resource: net::ERR_CONNECTION_RESET
other	warning	URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: http://v1.liveisl.com/(Line 1482) Message: Refused to execute script from 'https://oaphoace.net/401/5452820' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network	error	URL: http://111.90.158.152/smarg/embed.html?proto=dash Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://111.90.158.152/smarg/embed.html?proto=dash Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8695615805843515&fa=1&ifi=8&uci=a!8&btvi=1&xpc=2vm1sWGZzV&p=http%3A//v1.liveisl.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0wsr11478c3h1.play-flussonic.cloud
111.90.158.152
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.shareaholic.com
blogger.googleusercontent.com
c.bing.com
cdn.ampproject.org
cdn.shareaholic.net
cdnjs.cloudflare.com
connect.facebook.net
e1.play-flussonic.cloud
e2.play-flussonic.cloud
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.clarity.ms
ipapi.co
laligaexpert.com
ljii.github.io
m9m6e2w5.stackpathcdn.com
maxcdn.bootstrapcdn.com
mrfixitstips.co.uk
oaphoace.net
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
partner.shareaholic.com
pro.fontawesome.com
region1.google-analytics.com
s.secure.espncdn.com
s10.histats.com
s4.histats.com
static.shaftscore.com
tpc.googlesyndication.com
use.typekit.net
v1.liveisl.com
v3.fullhdmatch.live
www.blogger.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.shareaholic.net
111.90.158.152
c.bing.com
e1.play-flussonic.cloud
e2.play-flussonic.cloud
i.clarity.ms
pagead2.googlesyndication.com
region1.google-analytics.com
s4.histats.com
www.google.com
107.20.140.231
111.90.158.152
139.45.197.239
151.139.128.11
159.89.213.228
184.73.100.94
193.33.186.13
2001:4860:4802:34::36
2600:9000:2250:4800:0:a8f6:f880:93a1
2606:4700:20::ac43:45e2
2606:4700::6811:180e
2606:4700::6812:1634
2606:4700::6812:acf
2606:50c0:8001::153
2620:1ec:46::45
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::2013
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
2a00:1450:4001:831::2009
2a02:26f0:3500:16::215:148d
2a02:26f0:3500:16::215:14a0
2a02:26f0:480:f::213:7ee1
2a03:2880:f01c:216:face:b00c:0:3
3.66.136.156
46.105.201.240
52.167.85.21
52.200.239.86
89.104.117.213
00c5b1e788c31532c637e8ba691112a4e40d0d4c7d657eb7e4428f9fca53a70f
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0419e69120a1482daf1f15c02e3f33243fdb086d90cbb69d3bab8aa4de064056
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
082a6ffc8a1ec8231cf3aafc1b270993a478b16aef6f150a78e25340ef1af029
08c03c0c23991313191d271c06e0b7a4ec091b72e08fefc9b438dc4e052ef236
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
11cd2251996b8968ef201f62407e3cbac497c7fda5735a436c2370d3a1d15d71
14037f9fdb099dcf3199b1b2e18683ccb33182bea08fded83e346c923b25bf92
14eba6d81888442a920651520a43bad2247f6baef2d9c6e8a6bc46971178083a
1501c2356ed979a478b1724cb8609d6e791a9ab3f69ea1f7d43d9998cd9fca96
165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
197fc21fc05fe1d5a71a73a4ed44906c7846b77eaf22f7592b9901268123eb91
19a0f9d58966dfd0f7f58de135c7d4f3463f8fd3f083f17b524e464a56c8b228
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cc16d14ad5b55f1bb1e8eb538bc58e4e07b19105899b3f521aed0c7936c8c65
2210d7f2fdcb4c59037b12206d575f736bcc20aae48f3a6936231594c93a3302
23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c
23f164c2a32a77520af8e88622bb5f48b24981a238588e84747fbb63ea82857f
24990b0f369ea0118c5422ecd9f8e32c7396494bd79534d3b94994776c1f7fb2
27ee33b267f9acbac4dc3a15b204ba8801cbc35a62c1df140f75fd0822660a68
283b2299499c0e6cecc8d6f97785787987d06368e5513b646bdeefc0f7d6bd11
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
293706913a4e472e4e452a1db825126764514d923c697b1801b6981d644a360f
2a3f7c14f930533f35166bb8eb860fb49825cc2c2489d2bab7ebb873afe5d183
2ad4fac75b3a44d5f39df03e2ba742123e4922702737065c973a7b5f00099951
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d5c2007619b47d1d3b15cf117da08444d9de7fc1487d12c9d0524a30631f053
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f0ea5e4453ad31d9753ee5ccda2d774d8ef5c886fe1997d01ea8564d0278d19
2f3d1568fd399c4a1cf97da7265aa6653306416ecf05ac8a86bfbbedfef6e556
2fba08697736a89ee1658ac9dafb2bcb80aec821cc42d42c99c88577b804e379
305d9987821a1fe61a86a686f9b65385b0c65a78c32961af2a7b24eee7cc7741
311d6e0a623475d73c35b2a61232ef0621db876a120cf7069721cb04f06ad003
37512059e7516519ceed7ba00ca5d7523cc5d15ca922435b692ac3678bad5496
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
39c26a50bfd8e8587b38f7711fbebbedae8105e535d73128adeec2bff8abc272
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
39fec21f2b95d865e125ffeeb13a6cdd2a061737c9fac5e165ee2f5f5d77becd
3b5e6fec22c21922dfd2154738bd147b1fdb6a9a6b88cb4afdd7284a366ad177
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
3db460c0f0d9a415a5d2bbd7f2894e985a7bcc2afd8b00eb6496cc1b713cb962
3e37dde1511f709d545a811b6deafab9f231592a3f98d2a9d2eee94e3f8214e8
3e6a2e34d8912d3fdf01daac1b8023938758575571ce91611f09ff8aefc55a90
40fdb9732d43d1c5e47ae0a15252023188566d65e4e431e2fbc69ef5c585eaf5
4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10
43e534e9a4fd1ab9e8086724b8e2e8113490d35d82bdeb8403a936c6ceed1f21
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4beedc60b96b54bcb461514a9ef3cf3aac4a650cc5b5ae7dacb56086c713160c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
521efd7ea11bd79c8e1dcb42df087e04c88a4325e18e968b6a464f1b4c48bcc1
5385c72811d04d2e59aa671d5448ee6162dd86098fbff00ea20ea37e93396339
538c0d41a54726248f1eebd7fc1da771675f5635ba14c6f4d1e3f745d327e433
53c311faa86a6220eedcc8ca4329e87c2b28f84a47f0b41f9c04937790ae93ae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b9a3ca1e0816b7a7784e64450326bfe04a45e79adb9f929aeff3614d772b72e
5be9a295048310ed5e10a49d3dc52124193100bfbc1e9954590483e7703df913
5c103acd82c9d3dfb4d914f471822e0e8c132e0a7d4eff1ab1905ae0cb593756
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e216162ae022f1469057ee90df869ac8fa481a66e14053444b2382755ce915b
5ef56de4bc30f0d947aae0e49ab0d007b8f693da48810d86a481750a9e7c1c3c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6301c3dabe488c9e57eedc4771863805e246b0c0e5d5850e80bd897694f9e61b
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
6437289baad6bb04808039cf10f373d013011467b6904fcd3937ce9c981d6f01
64ee894d9ca27339849c299d8da9f2fd77008e69ae62f64385ffb49ea8311bc2
6885698d05ebbbb26ceb0e40d8f53c550a299af88adf472eb6f92163bc70a6a1
6a0dbd54a68bfb0aaa038d1dbae393209d0103a5ea18648ad10537feff5ea04c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0f64d0c20bad379c90653e2a863e6cbeb355b2d0230d8e37a60ff06f30eacf
6df1976c55f3a24537a5154471fae69a728a41592b621336e4f41c0f6298c1a7
732168df53bbc5637515dc63fc4a27bb169089e8825ae99e4c01448fc3d9ff7c
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
7520a8d8815d763f4cdd78661b5daa06f0cc2d631e33313b2e8362cb8bdb993b
788b4b39048d65197e129cde12a0318b15613d13cbaf3b6dd35b5fd91e8be6c9
789d44466608e5d2de16f5caf6aad55f0afc446952f8810b069d7d01a3066878
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7afdaea61634105c70e981c756567fc04351851dc3d6838bdde06e2c49981d65
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ffa1e245e1050c5b2f786df681570610aa49ba99026ea88eeeae83768e7c577
80db4ccdca106d37b920206331fcfe3e9e50a9e763d89b54ce3ad5ac8cf30f03
8123dc2bf66e2ac6977d94fe97c53156eeccde550b99431793c630e765897aee
8362ddb41ad6c8de8d57428d543f7c8e275359a8bd65aa03eb281e7ee78b1682
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
844829ead970ef4bc2d2bbf57fdb51755fc2a9794feeb52068563fcce6786f2a
84629f054c51c83949720ba6d3a6c2b96a2fbed56cc1998f6d6a4d0217fd70b8
860f6849405ded0f1a3355ee55e903d33574b5bb5344535f6000d780ffd6eadc
8675f1eb8a8978acc4c76b7ff445871ed2ef295f2461827ac61a9d448d02772f
870edf443f59221efe805992e7cabeaa4a3fdcfc04c4107b52811da7db594444
8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8cecc8b64b82548bbb2be5f8c99b5627651823b80fb19ece83bcd1376750abb0
8fd8b17d1cca9c81a630a645df8623ba96e19d438a6334717d5344d9da8f36df
910383f79555d6f0da5769a690b82e7d6b04de4cf323c7c3094c9c4c686869b6
914ed31c7f957f4e8dbf859a17327018ece2bdbe265221081f9883209315b61a
925a568589e442d18b799561988bfdf08dbe884bfd69e39897e5c4ddcb0607f6
927550b942ae6c680462d1661a5dbf8b35b8ae0c0244c35ba83ba59342f8b77f
92a3da7e023faa5efdb821376847fc63adcf870f6a266382c5a047cb391d140b
93105cd34643124ed3c75950288c7a349d91f46ff7f2022c04c3fc3d0163fed1
9477b0eabcf7c7f172e669724aabb59ab4560a0c38b3285bef9565375e5b0340
954feaac3e4d250adaa4bff3627232864e0adbbd335a3acb429f52d08d5a4c66
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99755ba65ab6685d4f906616e458708b1f4f520b04246a90cb4771298dcc5cf1
9ae547d873d0757ff807c4550057922a97896b048829deac4a75bb867714d245
9b5670c5f23a28f85b4e0db49aa2258084e7ca0a0f2634cbfcea0709dede7d17
9c4885210d309a9a034d612e9ab2c94165b0c6f1bf5e528005b985ae04c9e65b
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e680c66e05823f2025b9ae6a1c718d747489d10945cb07dcc6ddc0aa4d79f01
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bde84b13036b0ad7990f9c01c125afb0739602543fd297be1bc1fd93c5e42b
a5f793203c48c6859d6ebddcac6b82af63b602decbb17d18f3bb58f3e5c71a18
a78c3b18286d9ca14ef932c356a0d639e14d4feca770f166fac39c961d2d672a
a7b77ae7942b4f4f954aae414f69551d6ffbb256552f0cc6169f26acea9352cd
a806b4c04bc4cfc3560f0378abde0d9206a1dfe45a9e0026a46c96c0ea457e59
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90eaae6e8b4647b24381977d7a0328faf314a1a270d1b50fef7bd108c9b9b23
a9f25c4d5160e7ace112ba14e8e4d454b53676fa2e15d72407e4413344704387
ad15da7b2254e02ef6735e5ab28b8acf6f11c916eb164cdc9c0803c643e6a20f
b0f4d5c2876c80d64a5a08bb895553b12aa17ce4638a83b00728cb005ea93da5
b33af96afa6fdad71f651f1168fa09ffd8406518d9b64eda37c08905c32c967f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5288a94e5c345b0e965023a09197f7b20c79c18bb8f310419acd30bc6cd1f3a
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b8d155725fe88d694620d079e6e05f63984d946ce379b51e4479b484e3081059
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
c1eb9b73f36bea013f05892268b4a32f864fe34e82da110e1e2eaa0609daae4e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2b47320adc1e427a1234366a38883d8de08b950cb428b06f21ef2d040bb3311
c5b39b79333187d9e4c63bd67c5cde42dfe4e9fa1b239d2ae38ae051e1a78192
c5e3627b8257b3e793e1b9da27fa3cf1b6bf7e0d1b345688cdabb3464cddda7a
c7b65c03d60db7c5aad8a05654c8ab584b87bb9bfb230d094d7073a453a4ab5c
c8c9a350e7829cfac4319d5f7f8e4684cd936834be4e1f3914e00652c5013a47
cccabc8727cb6288e07cb25db11c24112e286a49866da3f54007c35a7639f87f
ccd269eaad41f7da4278132de69c6f5006b1b25370e9dc4d6f38b9e9ef90e6ea
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
d069f62d3d09dd5dc5448e657402dcc8564c25db75731c4cb5d84dd866b8b3d8
d0fd985047ffa195756e1bd689a684c2df83baac1022ac7be2fd8fa037515cb7
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d2bb5691ce2ad2dbd57eb4536f7a9bbd25a30087f9155e5cdabec008ac1bf63f
d61e4df77c6afcd42d14f58baf04f4791ef8831e064063b29b831045402755b4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8a3b4d5e6a0344f91c660574728fefe05d0f49d6cbd9dfb03a4d696b484cca5
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
dbc8918f61ba21d8ef838a3f2ef4015aa51a0b423f4b951105e6a570114320b9
df10239e9f31b0a8cc0b08685e86e23f36ea9d3be2319b2b9027a34285289d86
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0c0df92b5a53316fd9a0fd3798e0baf4bf144686012112844a1e63cfde47d87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b61957a7f81c371fcb736ae466bb791a3bb7f4b04f7dbc314d5311c268b18e
e5bff5542d70285b876724144877e77ab6107741f249f45c8526bdc946aaf438
e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c
e74daeb59e33900c5b0368788e4abfac629450748db66c9fa3043fe0e5370744
ea18c3a5e32aa1c7d32dfbcb23ca8bda53abdc5725f493722eef442be359dd21
ec418832f81757f2dabdeb42c3a92003efa4a7cdfc82bc075c024f54c45314e4
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
ecc6e8968ddd4b60324624cbec0c6109dafa5d300c2a1110b4585cda76c45139
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2116475431e0880e17c8e61c46f01a112ce8c57f55ead481d3183e7e0d3c9f
efb765a1617179ffe3d4edd370b9bb59a9258000dfe9cf2ff5b45be8da31ee75
f1e1dbea60536b45ce0a89366505945bb7dc4d38afdb97f34230de0869025771
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f64ee7777b9e05b8ae362ec6cc59591c7c173601ca863918c98e5bad116d35f6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f711182c4381f0b702671ce864c0e634d6233ebb4698633aa42171e82f702338
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f85b4a17dbb3ad29c77ffdce7c5604d4888acfc880ecf6d51e488b378223fbff
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
f939f3939e6b712078490af7ea310a7323c7c6071d9d40d87dd64b9c2142c559
fafe94fc03a1a9cc6a9f7a77b978a143719cdfd9f410f47e7135e0bf3260c76f
fda343f34aee2d5ef34db727c0f1e549b26aa0ea1f702040aa232019d36059fe

v1.liveisl.com Open in urlscan Pro 2a00:1450:4001:827::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

386 Requests

68 %HTTPS

71 %IPv6

35 Domains

47 Subdomains

41 IPs

7 Countries

24568 kBTransfer

39110 kBSize

26 Cookies

7 Outgoing links

Page URL History

Redirected requests

386 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

v1.liveisl.com Open in urlscan Pro
2a00:1450:4001:827::2013 Public Scan

Screenshot
Live screenshot

Full Image

386
Requests

68 %
HTTPS

71 %
IPv6

35
Domains

47
Subdomains

41
IPs

7
Countries

24568 kB
Transfer

39110 kB
Size

26
Cookies

386 HTTP transactions
13 data transactions